CVE-2013-0249

Haxx Curl - Memory Corruption

Title source: rule
STIX 2.1

Description

Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.

Exploits (1)

exploitdb WORKING POC
by Volema · pythondoslinux
https://www.exploit-db.com/exploits/24487

References (13)

Core 13
Core References
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/57842
Mailing List vendor-advisory x_refsource_apple
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
Exploit exploit x_refsource_exploit-db
http://www.exploit-db.com/exploits/24487
Vendor Advisory vendor-advisory x_refsource_ubuntu
http://www.ubuntu.com/usn/USN-1721-1
Mailing List, Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099140.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1028093
Third Party Advisory, VDB Entry vdb-entry x_refsource_osvdb
http://www.osvdb.org/89988
Exploit, Third Party Advisory x_refsource_misc
http://packetstormsecurity.com/files/120147/cURL-Buffer-Overflow.html
Various Sources x_refsource_misc
http://blog.volema.com/curl-rce.html
Vendor Advisory x_refsource_confirm
http://curl.haxx.se/docs/adv_20130206.html

Scores

EPSS 0.4420
EPSS Percentile 97.6%

Details

CWE
CWE-119
Status published
Products (9)
canonical/ubuntu_linux 12.10
haxx/curl 7.26.0
haxx/curl 7.27.0
haxx/curl 7.28.0
haxx/curl 7.28.1
haxx/libcurl 7.26.0
haxx/libcurl 7.27.0
haxx/libcurl 7.28.0
haxx/libcurl 7.28.1
Published Mar 08, 2013
Tracked Since Feb 18, 2026