CVE-2012-0036: curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to…

CVE-2012-0036 [HIGH] curl: URL sanitization vulnerability curl: URL sanitization vulnerability curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol. Statement: Not vulnerable. This issue did not affect the versions of curl as shipped with Red Hat Enterprise Linux 4, 5 or 6. Package: curl (Red Hat Enterprise Linux 4) - Not affected Package: curl (Red Hat Enterprise Linux 5) - Not affected Package: curl (Red Hat Enterprise Linux 6) - Not affected

CVE-2012-0036 curl vulnerability Title: curl vulnerability Summary: curl could be tricked into injecting arbitrary data if it handled a malicious URL. Dan Fandrich discovered that curl incorrectly handled URLs containing embedded or percent-encoded control characters. If a user or automated system were tricked into processing a specially crafted URL, arbitrary data could be injected. Instructions: In general, a standard system update will make all the necessary changes.

CVE-2012-0036 [HIGH] CVE-2012-0036: curl - curl and libcurl 7.2x before 7.24.0 do not properly consider special characters ... curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol. Scope: local bookworm: resolved (fixed in 7.24.0-1) bullseye: resolved (fixed in 7.24.0-1) forky: resolved (fixed in 7.24.0-1) sid: resolved (fixed in 7.24.0-1) trixie: resolved (fixed in 7.24.0-1)

CVE-2012-0036 [HIGH] CWE-89 GHSA-xxw5-p895-cp2c: curl and libcurl 7 curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol.

CVE-2012-0036 [HIGH] CVE-2012-0036: curl and libcurl 7 curl and libcurl 7.2x before 7.24.0 do not properly consider special characters during extraction of a pathname from a URL, which allows remote attackers to conduct data-injection attacks via a crafted URL, as demonstrated by a CRLF injection attack on the (1) IMAP, (2) POP3, or (3) SMTP protocol.

[HIGH] curl mishandles `%0c%0b` sequences in HTTP responses leading to CRLF confusions, Headers and Cookies Injection curl mishandles `%0c%0b` sequences in HTTP responses leading to CRLF confusions, Headers and Cookies Injection ## Summary: Hello, Actually, this bug was found unexpectedly during some security audits on a private asset, we found some differences on how burp proxy/python's requests library handles the asset's HTTP responses on a certain endpoint and how curl handles the same HTTP responses, the bug arises when curl treats `%0c and %0b sequences` literally regardless how web servers respond to these characters, the mentioned asset was well-protected against CRLF injections as we didn't had success to inject headers/cookies using the known `%0a%0b` sequence, curl also didn't respond to our payloads as we hope, however, we tried using other non-printable characters, curl unexpectedly respond

CVE-2012-0036 [HIGH] CVE-2012-0036 curl: URL sanitization vulnerability [fedora-all] CVE-2012-0036 curl: URL sanitization vulnerability [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=773457

CVE-2012-0036 [HIGH] CVE-2012-0036 curl: URL sanitization vulnerability [fedora-all] CVE-2012-0036 curl: URL sanitization vulnerability [fedora-all] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=773457

CVE-2012-0036 [HIGH] CVE-2012-0036 curl: URL sanitization vulnerability [epel-5] CVE-2012-0036 curl: URL sanitization vulnerability [epel-5] This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions. For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field. For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs When creating a Bodhi update request, please include this bug ID and the bug IDs of this bug's parent bugs filed against the "Security Response" product (the top-level CVE bugs). Please mention the CVE IDs being fixed in the RPM changelog when available. Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=773457 ep

CVE-2012-0036 [HIGH] CVE-2012-0036 curl: URL sanitization vulnerability CVE-2012-0036 curl: URL sanitization vulnerability A flaw was found in the way that curl sanitized URLs. The upstream advisory [1] reports: libcurl is vulnerable to a data injection attack for certain protocols through control characters embedded or percent-encoded in URLs. When parsing URLs, libcurl's parser is very laxed and liberal and only parses as little as possible and lets as much as possible through as long as it can figure out what to do. In the specific process when libcurl extracts the file path part from a given URL, it didn't always verify the data or escape control characters properly before it passed the file path on to the protocol-specific code that then would use it for its protocol business. This passing through of control characters could be exploited by someone w