CVE-2017-8816
Published 2017-11-29
Priority: P434 · Severity: critical · CVSS 3.1: 9.8
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.45% (64.4th percentile)
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | macos_high_sierra_10.13.3_security_update_2018-001_sierra_and_security_update_20 | — | — |
| apple | macos_high_sierra_10.13.4_security_update_2018-002_sierra_and_security_update_20 | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | curl | < curl 7.57.0-1 (bookworm) | curl 7.57.0-1 (bookworm) |
| debian | curl | < curl 7.62.0-1 (bookworm) | curl 7.62.0-1 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| haxx | curl | <= 7.56.1 | — |
| haxx | curl | >= 0 < 7.62.0-1 | 7.62.0-1 |
| haxx | curl | >= 0 < 7.57.0-1 | 7.57.0-1 |
| haxx | curl | >= 0 < 7.62.0-1 | 7.62.0-1 |
| haxx | curl | >= 0 < 7.57.0-1 | 7.57.0-1 |
| haxx | curl | >= 0 < 7.62.0-1 | 7.62.0-1 |
| haxx | curl | >= 0 < 7.57.0-1 | 7.57.0-1 |
| haxx | curl | >= 0 < 7.62.0-1 | 7.62.0-1 |
| haxx | curl | >= 0 < 7.57.0-1 | 7.57.0-1 |
| haxx | curl | >= 0 < 7.35.0-1ubuntu2.13 | 7.35.0-1ubuntu2.13 |
| haxx | curl | >= 0 < 7.47.0-1ubuntu2.5 | 7.47.0-1ubuntu2.5 |
| haxx | libcurl | < 7.61.1 | 7.61.1 |
| haxx | libcurl | 7.36.0 – 7.56.1 | — |
| redhat | enterprise_linux | — | — |
| redhat | enterprise_linux | — | — |
CVSS provenance
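| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 9.8 | CRITICAL | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| osv | — | 9.8 | CRITICAL | — |
| vendor_debian | — | 9.8 | CRITICAL | — |
| vendor_redhat | — | 9.8 | CRITICAL | — |
| vendor_ubuntu | — | 9.8 | CRITICAL | — |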
VulDB
cURL/libcURL up to 7.56.x on 32-bit NTLM Authentication integer overflow (RHSA-2018:3558 / Nessus ID 104861)
vuldb·2026-04-16·CVSS 9.8
CVE-2017-8816 [CRITICAL] cURL/libcURL up to 7.56.x on 32-bit NTLM Authentication integer overflow (RHSA-2018:3558 / Nessus ID 104861)
A vulnerability described as critical has been identified in cURL and libcURL up to 7.56.x on 32-bit. This affects an unknown function of the component NTLM Authentication. The manipulation results in integer overflow.
This vulnerability is reported as CVE-2017-8816. The attack can be launched remotely. No exploit exists.
Upgrading the affected component is recommended.
VulDB
Apple macOS up to 10.13.4 curl integer overflow (HT208692 / Nessus ID 105264)
vuldb·2026-04-16·CVSS 9.8
CVE-2017-8816 [CRITICAL] Apple macOS up to 10.13.4 curl integer overflow (HT208692 / Nessus ID 105264)
A vulnerability, which was classified as critical, was found in Apple macOS up to 10.13.4. The affected element is an unknown function of the component curl. Such manipulation leads to integer overflow.
This vulnerability is listed as CVE-2017-8816. The attack may be performed from remote. There is no available exploit.
A patch should be applied to remediate this issue.
GHSA
GHSA-2546-5j9r-qggh: The NTLM authentication feature in curl and libcurl before 7
ghsa_unreviewed·2022-05-14
CVE-2017-8816 [CRITICAL] CWE-190 GHSA-2546-5j9r-qggh: The NTLM authentication feature in curl and libcurl before 7
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
GHSA
GHSA-4mp9-8964-jxmg: curl before version 7
ghsa_unreviewed·2022-05-14·CVSS 9.8
CVE-2018-14618 [CRITICAL] CWE-190 GHSA-4mp9-8964-jxmg: curl before version 7
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)
OSV
CVE-2018-14618: curl before version 7
osv·2018-09-05·CVSS 9.8
CVE-2018-14618 [CRITICAL] CVE-2018-14618: curl before version 7
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)
OSV
curl vulnerabilities
osv·2017-11-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] curl vulnerabilities
Alex Nichols discovered that curl incorrectly handled NTLM authentication
credentials. A remote attacker could use this issue to cause curl to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10.
(CVE-2017-8816)
It was discovered that curl incorrectly handled FTP wildcard matching. A
remote attacker could use this issue to cause curl to crash, resulting in a
denial of service, or possibly obtain sensitive information.
(CVE-2017-8817)
OSV
CVE-2017-8816: The NTLM authentication feature in curl and libcurl before 7
osv·2017-11-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816: The NTLM authentication feature in curl and libcurl before 7
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
Red Hat
curl: NTLM password overflow via integer overflow
vendor_redhat·2018-09-05·CVSS 9.8
CVE-2018-14618 [CRITICAL] CWE-131 curl: NTLM password overflow via integer overflow
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical
Apple
CVE-2017-8816: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
vendor_apple·2018-03-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
Apple Security Update: About the security content of macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
Product: macOS High Sierra 10.13.4, Security Update 2018-002 Sierra, and Security Update 2018-002 El Capitan
CVE: CVE-2017-8816
Component: CoreTypes
Impact: Processing a maliciously crafted webpage may result in the mounting of a disk image
Description: A logic issue was addressed with improved restrictions.
Apple
CVE-2017-8816: macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan
vendor_apple·2018-01-23·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816: macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan
Apple Security Update: About the security content of macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan
Product: macOS High Sierra 10.13.3, Security Update 2018-001 Sierra, and Security Update 2018-001 El Capitan
CVE: CVE-2017-8816
Component: Audio
Impact: Processing a maliciously crafted audio file may lead to arbitrary code execution
Description: A memory corruption issue was addressed with improved input validation.
Debian
CVE-2018-14618: curl - curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authent...
vendor_debian·2018·CVSS 9.8
CVE-2018-14618 [CRITICAL] CVE-2018-14618: curl - curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authent...
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curl_ntlm_core_mk_nt_hash multiplies the length of the password by two (SUM) to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently used to iterate over the password and generate output into the allocated storage buffer. On systems with a 32 bit size_t, the math to calculate SUM triggers an integer overflow when the password length exceeds 2GB (2^31 bytes). This integer overflow usually causes a very small buffer to actually get allocated instead of the intended very huge one, making the use of that buffer end up in a heap buffer overflow. (This bug is almost identical to CVE-2017-8816.)
Scope: local
bookworm: resolved
Red Hat
curl: NTLM buffer overflow via integer overflow
vendor_redhat·2017-11-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] CWE-190 curl: NTLM buffer overflow via integer overflow
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
Package: rh-dotnetcore10-curl (.NET Core 1.0 on Red Hat Enterprise Linux) - Out of support scope
Package: rh-dotnetcore11-curl (.NET Core 1.1 on Red Hat Enterprise Linux) - Out of support scope
Package: rh-dotnet20-curl (.NET Core 2.0 on Red Hat Enterprise Linux) - Out of support scope
Package: rh-dotnet21-curl (.NET Core 2.1 on Red Hat Enterprise Linux) - Will not fix
Package: curl (Red Hat Enterprise Linux 5) - Not affected
Package: curl (R
Ubuntu
curl vulnerabilities
vendor_ubuntu·2017-11-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] curl vulnerabilities
Title: curl vulnerabilities
Summary: Several security issues were fixed in curl.
Alex Nichols discovered that curl incorrectly handled NTLM authentication
credentials. A remote attacker could use this issue to cause curl to crash,
resulting in a denial of service, or possibly execute arbitrary code. This
issue only affected Ubuntu 16.04 LTS, Ubuntu 17.04 and Ubuntu 17.10.
(CVE-2017-8816)
It was discovered that curl incorrectly handled FTP wildcard matching. A
remote attacker could use this issue to cause curl to crash, resulting in a
denial of service, or possibly obtain sensitive information.
(CVE-2017-8817)
Instructions: In general, a standard system update will make all the necessary changes.
Debian
CVE-2017-8816: curl - The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit plat...
vendor_debian·2017·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816: curl - The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit plat...
The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.
Scope: local
bookworm: resolved (fixed in 7.57.0-1)
bullseye: resolved (fixed in 7.57.0-1)
forky: resolved (fixed in 7.57.0-1)
sid: resolved (fixed in 7.57.0-1)
trixie: resolved (fixed in 7.57.0-1)
No detection rules found.
No public exploits indexed.
Bugzilla
CVE-2018-14618 curl: NTLM password overflow via integer overflow
bugzilla·2018-08-27·CVSS 9.8
CVE-2018-14618 [CRITICAL] CVE-2018-14618 curl: NTLM password overflow via integer overflow
NTLM password overflow via integer overflow
Project curl Security Advisory, September 5th 2018 -
[Permalink](https://curl.haxx.se/docs/CVE-2018-XXXX.html)
VULNERABILITY
libcurl contains a buffer overflow in the NTLM authentication code.
The internal function `Curl_ntlm_core_mk_nt_hash` multiplies the `length` of
the password by two (SUM) to figure out how large temporary storage area to
allocate from the heap.
The `length` value is then subsequently used to iterate over the password and
generate output into the allocated storage buffer. On systems with a 32 bit
`size_t`, the math to calculate SUM triggers an integer overflow when the
password length exceeds 2GB (2^31 bytes). This integer overflow usually causes
a very s
Bugzilla
CVE-2017-8816 CVE-2017-8817 curl: various flaws [fedora-all]
bugzilla·2017-11-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816 CVE-2017-8817 curl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora. While
Bugzilla
CVE-2017-8816 CVE-2017-8817 mingw-curl: various flaws [epel-7]
bugzilla·2017-11-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816 CVE-2017-8817 mingw-curl: various flaws [epel-7]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of epel-7.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
Discussion:
Use the following template to for the 'fedpkg update' requ
Bugzilla
CVE-2017-8816 CVE-2017-8817 mingw-curl: various flaws [fedora-all]
bugzilla·2017-11-29·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816 CVE-2017-8817 mingw-curl: various flaws [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of fedora-all.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fedora.
Bugzilla
CVE-2017-8816 curl: NTLM buffer overflow via integer overflow
bugzilla·2017-11-21·CVSS 9.8
CVE-2017-8816 [CRITICAL] CVE-2017-8816 curl: NTLM buffer overflow via integer overflow
libcurl contains a buffer overrun flaw in the NTLM authentication code.
The internal function `Curl_ntlm_core_mk_ntlmv2_hash` sums up the lengths of
the user name + password (= SUM) and multiplies the sum by two (= SIZE) to
figure out how large storage to allocate from the heap.
The SUM value is subsequently used to iterate over the input and generate
output into the storage buffer. On systems with a 32 bit `size_t`, the math to
calculate SIZE triggers an integer overflow when the combined lengths of the
user name and password is larger than 2GB (2^31 bytes). This integer overflow
usually causes a very small buffer to actually get allocated instead of the
intended very huge one, making the use of that buffer end up in a buffe
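The size calculation described in the entry above, as an added example that is not curl's source code: it models a 32-bit `size_t` with `uint32_t` so the wraparound is reproducible on 64-bit hosts, and places the unchecked SUM/SIZE arithmetic beside one way to reject lengths that do not fit. The function and type names are hypothetical, and passing a user length of 0 also covers the password-times-two case described for CVE-2018-14618.

```c
#include <stdint.h>
#include <stdio.h>

/* Assumption: uint32_t stands in for size_t on a 32-bit platform.
   All names below are hypothetical, chosen for this example only. */
typedef uint32_t size32_t;

/* Unchecked pattern from the description:
   SUM = userlen + passlen, SIZE = SUM * 2, both in 32-bit arithmetic. */
static size32_t ntlm_size_unchecked(size32_t userlen, size32_t passlen)
{
  size32_t sum = userlen + passlen;  /* wraps if the sum exceeds 2^32 - 1 */
  return (size32_t)(sum * 2u);       /* wraps if sum exceeds 2^31 - 1 */
}

/* Checked variant: returns 0 and stores SIZE on success,
   -1 when SUM or SIZE cannot be represented in 32 bits. */
static int ntlm_size_checked(size32_t userlen, size32_t passlen,
                             size32_t *size)
{
  if(userlen > UINT32_MAX - passlen)
    return -1;                       /* the addition itself would wrap */
  size32_t sum = userlen + passlen;
  if(sum > UINT32_MAX / 2u)
    return -1;                       /* the doubling would wrap */
  *size = sum * 2u;
  return 0;
}

int main(void)
{
  /* Constructed lengths: combined just over 2 GB (2^31 bytes). */
  size32_t userlen = 0x40000000u, passlen = 0x40000004u;
  size32_t size = 0;

  /* The allocation request collapses to a few bytes while the copy loop
     would still run over SUM input bytes: the heap overflow condition. */
  printf("SUM  = %lu\n", (unsigned long)(size32_t)(userlen + passlen));
  printf("SIZE = %lu (unchecked)\n",
         (unsigned long)ntlm_size_unchecked(userlen, passlen));

  if(ntlm_size_checked(userlen, passlen, &size) != 0)
    printf("checked: rejected, credentials too long\n");

  if(ntlm_size_checked(5u, 8u, &size) == 0)
    printf("checked: 5 + 8 bytes -> SIZE = %lu\n", (unsigned long)size);
  return 0;
}
```

On a 64-bit `size_t` the same lengths produce a correct multi-gigabyte request, which is why the advisories scope the flaw to 32-bit platforms.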
http://security.cucumberlinux.com/security/details.php?id=161
http://www.securityfocus.com/bid/101998
http://www.securitytracker.com/id/1039896
http://www.securitytracker.com/id/1040608
https://access.redhat.com/errata/RHSA-2018:3558
https://curl.haxx.se/docs/adv_2017-12e7.html
https://security.gentoo.org/glsa/201712-04
https://www.debian.org/security/2017/dsa-4051