CVE-2013-1944
Published 2013-04-29
Priority P4 · 29 · medium · CVSS 2.0 score 5
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
EPSS: 4.99% (91.1th percentile)
The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.
Affected
135 ranges, showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | curl | < curl 7.29.0-2.1 (bookworm) | curl 7.29.0-2.1 (bookworm) |
| haxx | curl | <= 7.29.0 | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
| haxx | curl | — | — |
CVSS provenance
| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v2.0 | 5.0 | MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
| osv | — | 5.0 | MEDIUM | — |
| vendor_debian | — | 5.0 | MEDIUM | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |
GHSA
GHSA-q8gg-xjf7-2v3w: The tailMatch function in cookie
ghsa_unreviewed · 2022-05-17 · MEDIUM · CWE-200
OSV
CVE-2013-1944: The tailMatch function in cookie
osv · 2013-04-29 · CVSS 5.0 · MEDIUM
Ubuntu
curl vulnerability
vendor_ubuntu · 2013-04-16
Summary: Applications using libcurl could be made to expose sensitive information over the network.
YAMADA Yasuharu discovered that libcurl was vulnerable to a cookie leak when doing requests across domains with matching tails. curl did not properly restrict cookies to domains and subdomains. If a user or automated system were tricked into processing a specially crafted URL, an attacker could read cookie values stored by unrelated webservers.
Instructions: In general, a standard system update will make all the necessary changes.
Red Hat
curl: Cookie domain suffix match vulnerability
vendor_redhat · 2013-04-12 · CVSS 5.0 · MEDIUM
Debian
CVE-2013-1944: curl - The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not pr...
vendor_debian · 2013 · CVSS 5.0 · MEDIUM
Scope: local
bookworm: resolved (fixed in 7.29.0-2.1)
bullseye: resolved (fixed in 7.29.0-2.1)
forky: resolved (fixed in 7.29.0-2.1)
sid: resolved (fixed in 7.29.0-2.1)
trixie: resolved (fixed in 7.29.0-2.1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2013-1944 curl: Cookie domain suffix match vulnerability [fedora-all]
bugzilla · 2013-04-12 · CVSS 5.0 · MEDIUM
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected versions of Fedora.
For comments that are specific to the vulnerability please use bugs filed against the "Security Response" product referenced in the "Blocks" field.
For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please use the bodhi submission link noted in the next comment(s). This will include the bug IDs of this tracking bug as well as the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the Bodhi notes field when available.
Please note: this issue affects
Bugzilla
CVE-2013-1944 curl: Cookie domain suffix match vulnerability
bugzilla · 2013-04-10 · CVSS 5.0 · MEDIUM
A security flaw was found in the way the library of cURL, a utility for retrieval of files from remote servers, performed matching of cookie domain names when deciding whether (previously stored) cookies should be sent to a particular domain. Due to a bug in the match function implementation, (formerly) the decision / match also succeeded in cases where just a suffix / certain part of the domain name matched the domain name the current request originated from. A remote attacker could use this flaw to possibly hijack the user session of the victim by submitting a request containing a specially-crafted domain name.
References:
[1] http://thread.gmane.org/gmane.comp.web.curl.library/38986
Acknowledgements:
Red Hat would like to than
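The descriptions above all come down to one comparison: whether a stored cookie's domain "matches" the host of the request being sent. The following is an added illustration written for this record; it is not curl's tailMatch code and not taken from any of the advisories. It places a plain suffix comparison (the defective pattern the Bugzilla text describes) beside a check that only accepts a suffix aligned on a DNS label boundary, which is what RFC 6265 section 5.1.3 requires. The function names, the helper ieq_n and the sample host names are constructed for this example.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* ASCII case-insensitive equality over n bytes; cookie domains and host
   names are compared without regard to case. Constructed helper. */
static bool ieq_n(const char *a, const char *b, size_t n)
{
    for (size_t i = 0; i < n; i++) {
        if (tolower((unsigned char)a[i]) != tolower((unsigned char)b[i]))
            return false;
    }
    return true;
}

/* Suffix-only match (the defective pattern): answers "does the host name end
   with the cookie domain?" and nothing more, so "notexample.com" is accepted
   for a cookie scoped to "example.com". Kept here only for comparison. */
bool domain_match_suffix_only(const char *cookie_domain, const char *hostname)
{
    size_t dlen = strlen(cookie_domain);
    size_t hlen = strlen(hostname);
    if (hlen < dlen)
        return false;
    return ieq_n(cookie_domain, hostname + hlen - dlen, dlen);
}

/* Label-boundary match (RFC 6265 section 5.1.3): the cookie domain must be
   the whole host name, or a suffix whose preceding character is '.', so the
   match can only begin at a DNS label boundary. A leading '.' on the cookie
   domain is ignored, as RFC 6265 section 5.2.3 directs. */
bool domain_match_label_boundary(const char *cookie_domain, const char *hostname)
{
    if (cookie_domain[0] == '.')
        cookie_domain++;
    size_t dlen = strlen(cookie_domain);
    size_t hlen = strlen(hostname);
    if (dlen == 0 || hlen < dlen)
        return false;
    if (!ieq_n(cookie_domain, hostname + hlen - dlen, dlen))
        return false;
    if (hlen == dlen)
        return true;                          /* exact host match */
    return hostname[hlen - dlen - 1] == '.';  /* suffix aligned on a label */
}

int main(void)
{
    /* Constructed sample pairs: cookie domain vs. request host. */
    static const char *const pairs[][2] = {
        { "example.com",  "example.com" },
        { "example.com",  "www.example.com" },
        { "example.com",  "notexample.com" },      /* suffix-only gets this wrong */
        { ".example.com", "www.example.com" },
        { "example.com",  "www.example.com.evil" },
        { "example.com",  "ample.com" },
    };
    printf("%-14s %-22s %-12s %s\n", "cookie domain", "host", "suffix-only", "label-boundary");
    for (size_t i = 0; i < sizeof pairs / sizeof pairs[0]; i++) {
        printf("%-14s %-22s %-12s %s\n", pairs[i][0], pairs[i][1],
               domain_match_suffix_only(pairs[i][0], pairs[i][1]) ? "send" : "withhold",
               domain_match_label_boundary(pairs[i][0], pairs[i][1]) ? "send" : "withhold");
    }
    return 0;
}
```

The third sample row is the case the advisories describe: a host whose name merely ends with the cookie domain. The suffix-only comparison would send the cookie there, while the label-boundary check withholds it because the character before the suffix is not a dot. A full RFC 6265 implementation also refuses to domain-match an IP address literal, which is omitted here.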
arXiv
UniASM: Binary Code Similarity Detection without Fine-tuning
arxiv_fulltext · 2025-02-20
Yeming Gu, Hui Shu, Fei Kang, Fan Hu (Key Laboratory of Cyberspace Security, Ministry of Education, Zhengzhou, China)
## Abstract
Binary code similarity detection (BCSD) is widely used in various binary analysis tasks such as vulnerability search, malware detection, clone detection, and patch analysis. Recent studies have shown that the learning-based binary code embedding models perform better than the traditional feature-based approaches. However, previous studies have not delved deeply into the key factors that affect model performance. In this paper, we design extensive ablation studies to explore these influencing factors. The experimental results have
References
- http://curl.haxx.se/docs/adv_20130412.html
- http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102056.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102711.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104207.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104598.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105539.html
- http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106606.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00013.html
- http://lists.opensuse.org/opensuse-updates/2013-06/msg00016.html
- http://rhn.redhat.com/errata/RHSA-2013-0771.html
- http://secunia.com/advisories/53044
- http://secunia.com/advisories/53051
- http://secunia.com/advisories/53097
- http://www.debian.org/security/2012/dsa-2660
- http://www.mandriva.com/security/advisories?name=MDVSA-2013:151
- http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
- http://www.osvdb.org/92316
- http://www.securityfocus.com/bid/59058
- http://www.ubuntu.com/usn/USN-1801-1
- https://bugzilla.redhat.com/show_bug.cgi?id=950577
- https://github.com/bagder/curl/commit/2eb8dcf26cb37f09cffe26909a646e702dbcab66
- https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0121