FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2009-0037

This CVE name corresponds to:

Entered     Topic
2009-03-04  curl -- cURL/libcURL Location: Redirect URLs Security Bypass

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type Candidate
Name CVE-2009-0037
Phase Assigned(20081215)

Description

The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
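As an added illustration, not part of the VuXML record and not curl's own code, the Python below shows the class of check a redirect follower needs to avoid the problem described above: resolve the Location value against the current URL, then follow it only if its scheme is on an explicit allowlist, so that a file: or scp: target is refused. The allowlist, the in-memory fake responses and the hostnames are constructed for this example.

```python
from urllib.parse import urljoin, urlsplit

# Constructed allowlist: schemes a Location: target may use when following a
# redirect. Anything else (file:, scp:, ...) is refused rather than fetched.
REDIRECT_SCHEMES_ALLOWED = frozenset({"http", "https"})


def resolve_redirect(base_url, location, allowed=REDIRECT_SCHEMES_ALLOWED):
    """Return the absolute URL to follow, or None if the redirect must be refused.

    urljoin() keeps an absolute Location unchanged, so a server answering with
    'file:///etc/passwd' yields a file: URL here and is rejected by the scheme check.
    """
    target = urljoin(base_url, location.strip())
    scheme = urlsplit(target).scheme.lower()
    if scheme not in allowed:
        return None
    return target


# Constructed in-memory "servers": URL -> (HTTP status, Location header or None).
# The second chain tries to redirect the client onto the local filesystem.
FAKE_RESPONSES = {
    "http://public.example.test/ok": (302, "https://public.example.test/final"),
    "https://public.example.test/final": (200, None),
    "http://public.example.test/start": (302, "/step2"),
    "http://public.example.test/step2": (302, "file:///etc/passwd"),
}

REDIRECT_STATUSES = {301, 302, 303, 307, 308}


def follow_redirects(url, max_hops=5, allowed=REDIRECT_SCHEMES_ALLOWED):
    """Walk a redirect chain against FAKE_RESPONSES.

    Returns (last_url_reached, reason) where reason is 'ok' when a non-redirect
    response was reached, 'blocked:<scheme>' when a hop was refused by the
    allowlist, or 'too_many' when max_hops was exhausted.
    """
    for _ in range(max_hops):
        status, location = FAKE_RESPONSES.get(url, (404, None))
        if status not in REDIRECT_STATUSES or location is None:
            return url, "ok"
        nxt = resolve_redirect(url, location, allowed)
        if nxt is None:
            refused_scheme = urlsplit(urljoin(url, location.strip())).scheme.lower()
            return url, "blocked:" + refused_scheme
        url = nxt
    return url, "too_many"


if __name__ == "__main__":
    print(follow_redirects("http://public.example.test/ok"))
    print(follow_redirects("http://public.example.test/start"))
```

The same idea applied to libcurl means restricting which protocols a redirect may switch to rather than accepting any Location value; the point of the check is that the decision is made on the resolved target's scheme before any request is issued.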

References

Source Reference
BUGTRAQ 20090312 rPSA-2009-0042-1 curl
BUGTRAQ 20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
MLIST [Security-announce] 20090710 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl
MISC http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/
MISC http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf
CONFIRM http://curl.haxx.se/docs/adv_20090303.html
CONFIRM http://curl.haxx.se/lxr/source/CHANGES
CONFIRM http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0042
CONFIRM http://www.vmware.com/security/advisories/VMSA-2009-0009.html
CONFIRM http://support.apple.com/kb/HT4077
APPLE APPLE-SA-2010-03-29-1
DEBIAN DSA-1738
GENTOO GLSA-200903-21
REDHAT RHSA-2009:0341
SLACKWARE SSA:2009-069-01
SUSE SUSE-SR:2009:006
UBUNTU USN-726-1
BID 33962
OVAL oval:org.mitre.oval:def:11054
OVAL oval:org.mitre.oval:def:6074
SECTRACK 1021783
SECUNIA 34138
SECUNIA 34202
SECUNIA 34255
SECUNIA 34259
SECUNIA 34237
SECUNIA 34251
SECUNIA 34399
SECUNIA 35766
VUPEN ADV-2009-0581
VUPEN ADV-2009-1865
XF curl-location-security-bypass(49030)