FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

curl -- libcurl buffer overflow vulnerability

Affected packages
7.10.5 <= curl < 7.20.0

Details

VuXML ID c8c31c41-49ed-11df-83fb-0015587e2cc1
Discovery 2010-02-09
Entry 2010-04-19

The cURL project reports in a security advisory:

Using the affected libcurl version to download compressed content over HTTP, an application can ask libcurl to automatically uncompress data. When doing so, libcurl can wrongly send data up to 64K in size to the callback which thus is much larger than the documented maximum size.

An application that blindly trusts libcurl's max limit for a fixed buffer size or similar is then a possible target for a buffer overflow vulnerability.

References

CVE Name CVE-2010-0734
URL http://curl.haxx.se/docs/adv_20100209.html
URL http://www.debian.org/security/2010/dsa-2023
URL http://www.openwall.com/lists/oss-security/2010/02/09/5