curl can be told to parse a `.netrc` file for credentials. If that file endsin a line with 4095 consecutive non-white space letters and no newline, curlwould first read past the end of the stack-based buffer, and if the readworks, write a zero byte beyond its boundary.This will in most cases cause a segfault or similar, but circumstances might also cause different outcomes.If a malicious user can provide a custom netrc file to an application or otherwise affect its contents, this flaw could be used as denial-of-service.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2023/Jan/19 | Mailing List Third Party Advisory |
http://seclists.org/fulldisclosure/2023/Jan/20 | Mailing List Third Party Advisory |
https://hackerone.com/reports/1721098 | Exploit Patch Third Party Advisory |
https://security.gentoo.org/glsa/202212-01 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20230110-0006/ | Third Party Advisory |
https://support.apple.com/kb/HT213604 | Third Party Advisory |
https://support.apple.com/kb/HT213605 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
AND |
|
Configuration 4 (hide)
AND |
|
Configuration 5 (hide)
AND |
|
Configuration 6 (hide)
AND |
|
Configuration 7 (hide)
|
Configuration 8 (hide)
|
History
27 Mar 2024, 15:00
Type | Values Removed | Values Added |
---|---|---|
First Time |
Splunk
Splunk universal Forwarder |
|
CPE | cpe:2.3:a:splunk:universal_forwarder:*:*:*:*:*:*:*:* cpe:2.3:a:splunk:universal_forwarder:9.1.0:*:*:*:*:*:*:* |
|
References | () http://seclists.org/fulldisclosure/2023/Jan/19 - Mailing List, Third Party Advisory | |
References | () http://seclists.org/fulldisclosure/2023/Jan/20 - Mailing List, Third Party Advisory |
01 Mar 2023, 15:06
Type | Values Removed | Values Added |
---|---|---|
References | (FULLDISC) http://seclists.org/fulldisclosure/2023/Jan/19 - Third Party Advisory | |
References | (FULLDISC) http://seclists.org/fulldisclosure/2023/Jan/20 - Third Party Advisory | |
References | (CONFIRM) https://security.netapp.com/advisory/ntap-20230110-0006/ - Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT213605 - Third Party Advisory | |
References | (CONFIRM) https://support.apple.com/kb/HT213604 - Third Party Advisory | |
CPE | cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:* cpe:2.3:o:apple:macos:*:*:*:*:*:*:*:* cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:* cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:* cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:* cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:* |
|
First Time |
Netapp h700s
Netapp h500s Netapp h700s Firmware Apple macos Netapp Apple Netapp h410s Netapp h300s Firmware Netapp clustered Data Ontap Netapp h500s Firmware Netapp h300s Netapp h410s Firmware |
26 Jan 2023, 21:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
23 Jan 2023, 20:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Jan 2023, 16:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Jan 2023, 17:27
Type | Values Removed | Values Added |
---|---|---|
References | (GENTOO) https://security.gentoo.org/glsa/202212-01 - Third Party Advisory |
19 Dec 2022, 04:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
07 Dec 2022, 15:14
Type | Values Removed | Values Added |
---|---|---|
First Time |
Haxx curl
Haxx |
|
References | (MISC) https://hackerone.com/reports/1721098 - Exploit, Patch, Third Party Advisory | |
CPE | cpe:2.3:a:haxx:curl:*:*:*:*:*:*:*:* | |
CWE | CWE-787 | |
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 6.5 |
05 Dec 2022, 23:40
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-12-05 22:15
Updated : 2024-03-27 15:00
NVD link : CVE-2022-35260
Mitre link : CVE-2022-35260
CVE.ORG link : CVE-2022-35260
JSON object : View
Products Affected
netapp
- h700s_firmware
- h300s_firmware
- h500s
- h300s
- h410s
- h410s_firmware
- h500s_firmware
- clustered_data_ontap
- h700s
splunk
- universal_forwarder
apple
- macos
haxx
- curl