Security holes affect multiple Linux/Unix products

Attackers could exploit two flaws in cURL to launch malicious code on a variety of Linux-based operating systems.

Attackers could launch malicious code by exploiting vulnerabilities in a file transferring tool used in many Linux and Unix systems, according to two security firms.

Reston, Va.-based iDefense said the security holes exist in cURL/libcURL, a command line tool for transferring files with a URL syntax such as FTP, FTPS, HTTP, HTTPS, GOPHER, TELNET, DICT, FILE and LDAP.

iDefense said the first problem is a boundary error in the "Curl_input_ntlm()" function during NT Lan Manager (NTLM) authentication. By returning an overly long response when a user unwittingly connects to a malicious server, attackers can cause a stack-based buffer overflow and launch malicious code under the privileges of the victim.

The second problem is a boundary error in the "Curl_krb_kauth()" function during Kerberos authentication. Like the first glitch, an attacker could exploit this to launch malicious code by returning an overly long response when the victim connects to a malicious server.

Other news stories of interest

Vulnerabilities: The ripple effect and the components of doom

Fixes, workaround for Kerberos 5 vulnerability

Vulnerabilities in MIT Kerberos 5

 

iDefense said it confirmed the flaws in cURL version 7.12.1 and that earlier versions are likely affected as well. Any application built using a vulnerable version of libcURL will also be affected, the firm said.

Danish firm Secunia labeled the vulnerabilities "moderately critical" and noted that the vendor has issued a fix for the NTLM vulnerability. For the second flaw, the firm recommended users recompile cURL without Kerberos support.

The tool exists in a variety of Linux/Unix systems distributed by such vendors as Mandrake, Redhat, Debian, SUSE, Stampede, Connectiva, Gentoo and Fedora.

Dig deeper on Alternative OS security: Mac, Linux, Unix, etc.

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchConsumerization

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly

Close