Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).
CVE-2013-0249 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Curl
Severity
7.5HIGHNVD
EPSS
44.2%
top 2.44%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
Timeline
PublishedMar 8
Latest updateMay 5
Description
Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.
CVSS vector
AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4
Affected Packages3 packages
Also affects: Ubuntu Linux 12.10
🔴Vulnerability Details
3GHSA▶
GHSA-mj69-wpmp-9c9f: Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl↗2022-05-05
OSV▶
CVE-2013-0249: Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl↗2013-03-08
CVEList▶
CVE-2013-0249: Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl↗2013-03-08
💥Exploits & PoCs
1📋Vendor Advisories
3💬Community
2Bugzilla▶
CVE-2013-0249 curl: Stack-based buffer overflow when negotiating SASL DIGEST-MD5 authentication with IMAP, POP3 and SMTP protocols [fedora-18]↗2013-02-06
Bugzilla▶
CVE-2013-0249 curl: Stack-based buffer overflow when negotiating SASL DIGEST-MD5 authentication with IMAP, POP3 and SMTP protocols↗2013-02-01