CVE-2009-0037 Information

Description

The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.

Reference

http://curl.haxx.se/docs/adv_20090303.html
http://curl.haxx.se/lxr/source/CHANGES
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
http://lists.vmware.com/pipermail/security-announce/2009/000060.html ([Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev sudo and curl)
http://secunia.com/advisories/34138
http://secunia.com/advisories/34202
http://secunia.com/advisories/34237
http://secunia.com/advisories/34251
http://secunia.com/advisories/34255
http://secunia.com/advisories/34259
http://secunia.com/advisories/34399
http://secunia.com/advisories/35766
http://security.gentoo.org/glsa/glsa-200903-21.xml
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.476602
http://support.apple.com/kb/HT4077
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0042
http://www.debian.org/security/2009/dsa-1738
http://www.redhat.com/support/errata/RHSA-2009-0341.html
http://www.securityfocus.com/archive/1/501757/100/0/threaded (20090312 rPSA-2009-0042-1 curl)
http://www.securityfocus.com/archive/1/504849/100/0/threaded (20090711 VMSA-2009-0009 ESX Service Console updates for udev sudo and curl)
http://www.securityfocus.com/bid/33962
http://www.securitytracker.com/id?1021783
http://www.ubuntu.com/usn/USN-726-1
http://www.vmware.com/security/advisories/VMSA-2009-0009.html
http://www.vupen.com/english/advisories/2009/0581
http://www.vupen.com/english/advisories/2009/1865
http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/
http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf
https://exchange.xforce.ibmcloud.com/vulnerabilities/49030 (curl-location-security-bypass(49030))
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11054
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6074

Affected Configurations

cpe:2.3:a:curl:curl:5.11:::::::*
cpe:2.3:a:curl:curl:6.0:::::::*
cpe:2.3:a:curl:curl:6.1beta:::::::*
cpe:2.3:a:curl:curl:6.2:::::::*
cpe:2.3:a:curl:curl:6.3:::::::*
cpe:2.3:a:curl:curl:6.3.1:::::::*
cpe:2.3:a:curl:curl:6.4:::::::*
cpe:2.3:a:curl:curl:6.5:::::::*
cpe:2.3:a:curl:curl:6.5.1:::::::*
cpe:2.3:a:curl:curl:6.5.2:::::::*
cpe:2.3:a:curl:curl:7.1:::::::*
cpe:2.3:a:curl:curl:7.1.1:::::::*
cpe:2.3:a:curl:curl:7.2:::::::*
cpe:2.3:a:curl:curl:7.2.1:::::::*
cpe:2.3:a:curl:curl:7.3:::::::*
cpe:2.3:a:curl:curl:7.4:::::::*
cpe:2.3:a:curl:curl:7.4.1:::::::*
cpe:2.3:a:curl:curl:7.4.2:::::::*
cpe:2.3:a:curl:curl:7.5:::::::*
cpe:2.3:a:curl:curl:7.5.1:::::::*
cpe:2.3:a:curl:curl:7.5.2:::::::*
cpe:2.3:a:curl:curl:7.6:::::::*
cpe:2.3:a:curl:curl:7.6.1:::::::*
cpe:2.3:a:curl:curl:7.7:::::::*
cpe:2.3:a:curl:curl:7.7.1:::::::*
cpe:2.3:a:curl:curl:7.7.2:::::::*
cpe:2.3:a:curl:curl:7.7.3:::::::*
cpe:2.3:a:curl:curl:7.8:::::::*
cpe:2.3:a:curl:curl:7.8.1:::::::*
cpe:2.3:a:curl:curl:7.8.2:::::::*
cpe:2.3:a:curl:curl:7.9:::::::*
cpe:2.3:a:curl:curl:7.9.1:::::::*
cpe:2.3:a:curl:curl:7.9.2:::::::*
cpe:2.3:a:curl:curl:7.9.3:::::::*
cpe:2.3:a:curl:curl:7.9.4:::::::*
cpe:2.3:a:curl:curl:7.9.5:::::::*
cpe:2.3:a:curl:curl:7.9.6:::::::*
cpe:2.3:a:curl:curl:7.9.7:::::::*
cpe:2.3:a:curl:curl:7.9.8:::::::*
cpe:2.3:a:curl:curl:7.10:::::::*
cpe:2.3:a:curl:curl:7.10.1:::::::*
cpe:2.3:a:curl:curl:7.10.2:::::::*
cpe:2.3:a:curl:curl:7.10.3:::::::*
cpe:2.3:a:curl:curl:7.10.4:::::::*
cpe:2.3:a:curl:curl:7.10.5:::::::*
cpe:2.3:a:curl:curl:7.10.6:::::::*
cpe:2.3:a:curl:curl:7.10.7:::::::*
cpe:2.3:a:curl:curl:7.10.8:::::::*
cpe:2.3:a:curl:curl:7.11.1:::::::*
cpe:2.3:a:curl:curl:7.12:::::::*
cpe:2.3:a:curl:curl:7.12.1:::::::*
cpe:2.3:a:curl:curl:7.12.2:::::::*
cpe:2.3:a:curl:curl:7.13:::::::*
cpe:2.3:a:curl:curl:7.13.2:::::::*
cpe:2.3:a:curl:curl:7.14:::::::*
cpe:2.3:a:curl:curl:7.14.1:::::::*
cpe:2.3:a:curl:curl:7.15:::::::*
cpe:2.3:a:curl:curl:7.15.1:::::::*
cpe:2.3:a:curl:curl:7.15.3:::::::*
cpe:2.3:a:curl:curl:7.16.3:::::::*
cpe:2.3:a:curl:curl:7.16.4:::::::*
cpe:2.3:a:curl:curl:7.17:::::::*
cpe:2.3:a:curl:curl:7.18:::::::*
cpe:2.3:a:curl:curl:7.19.3:::::::*
cpe:2.3:a:curl:libcurl:5.11:::::::*
cpe:2.3:a:curl:libcurl:7.12:::::::*
cpe:2.3:a:curl:libcurl:7.12.1:::::::*
cpe:2.3:a:curl:libcurl:7.12.2:::::::*
cpe:2.3:a:curl:libcurl:7.12.3:::::::*
cpe:2.3:a:curl:libcurl:7.13:::::::*
cpe:2.3:a:curl:libcurl:7.13.1:::::::*
cpe:2.3:a:curl:libcurl:7.13.2:::::::*
cpe:2.3:a:curl:libcurl:7.14:::::::*
cpe:2.3:a:curl:libcurl:7.14.1:::::::*
cpe:2.3:a:curl:libcurl:7.15:::::::*
cpe:2.3:a:curl:libcurl:7.15.1:::::::*
cpe:2.3:a:curl:libcurl:7.15.2:::::::*
cpe:2.3:a:curl:libcurl:7.15.3:::::::*
cpe:2.3:a:curl:libcurl:7.16.3:::::::*
cpe:2.3:a:curl:libcurl:7.19.3:::::::*
