Open redirect in curl (Alpine package)



Risk Low
Patch available YES
Number of vulnerabilities 1
CVE-ID CVE-2017-1000100
CWE-ID CWE-601
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe 		curl (Alpine package)
Operating systems & Components / Operating system package or component

Vendor Alpine Linux Development Team

Security Bulletin

This security bulletin contains one low risk vulnerability.

1) Open redirect

EUVDB-ID: #VU7884

Risk: Low

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2017-1000100

CWE-ID: CWE-601 - URL Redirection to Untrusted Site ('Open Redirect')

Exploit availability: No

Description

The vulnerability allows a remote attacker to redirect website visitors to external websites.

The weakness exists due to incorrect validation of redirected URL. A remote attacker can redirect the target user's curl request to a TFTP URL with a long filename to cause the target user's curl application to send portions of system memory.

Successful exploitation of the vulnerability results in information disclosure.

Mitigation

Install update from vendor's website.

Vulnerable software versions

curl (Alpine package): 7.21.1-r0 - 7.54.1-r0

CPE2.3 External links

http://git.alpinelinux.org/aports/commit/?id=cbf50badfab16636b8752fadd5fa558b9fca6999
http://git.alpinelinux.org/aports/commit/?id=4a60b4d3583938cdd36c82d763ac5167d7720079
http://git.alpinelinux.org/aports/commit/?id=8e6f31c56dbe2966fb43113f9c7c1039bbef9865
http://git.alpinelinux.org/aports/commit/?id=a51f2d7593706eb38073b80df6192c6730f36c60
http://git.alpinelinux.org/aports/commit/?id=dba8b02f8c7dbcbb9187eac2b24fd749edc37599


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###