CVE-2019-3823

CVE-2019-3823

Name

CVE-2019-3823

Description

libcurl versions from 7.34.0 to before 7.64.0 are vulnerable to a heap out-of-bounds read in the code handling the end-of-response for SMTP. If the buffer passed to `smtp_endofresp()` isn't NUL terminated and contains no character ending the parsed number, and `len` is set to 5, then the `strtol()` call reads beyond the allocated buffer. The read contents will not be returned to the caller.

NVD Severity

medium

Other trackers

CVE, NVD, CERT, CVE Details, CIRCL, Arch Linux, Debian, Red Hat, Ubuntu, Gentoo, SUSE (Bugzilla), SUSE (CVE), Mageia

Mailing lists

oss-security, full-disclosure, bugtraq

Exploits

Exploit DB, Metasploit

Forges

GitHub (code, issues), Aports (code, issues)

Type	URI
Patch	https://curl.haxx.se/docs/CVE-2019-3823.html
Exploit	https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823
Third Party Advisory	https://www.debian.org/security/2019/dsa-4386
Third Party Advisory	https://usn.ubuntu.com/3882-1/
Third Party Advisory	http://www.securityfocus.com/bid/106950
Third Party Advisory	https://security.gentoo.org/glsa/201903-03
Exploit	https://security.netapp.com/advisory/ntap-20190315-0001/
Mailing List	https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E
Patch	https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html
MISC	https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
REDHAT	https://access.redhat.com/errata/RHSA-2019:3701
CONFIRM	https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf

Type

URI

Patch

https://curl.haxx.se/docs/CVE-2019-3823.html

Exploit

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-3823

Third Party Advisory

https://www.debian.org/security/2019/dsa-4386

Third Party Advisory

https://usn.ubuntu.com/3882-1/

Third Party Advisory

http://www.securityfocus.com/bid/106950

Third Party Advisory

https://security.gentoo.org/glsa/201903-03

Exploit

https://security.netapp.com/advisory/ntap-20190315-0001/

Mailing List

https://lists.apache.org/thread.html/8338a0f605bdbb3a6098bb76f666a95fc2b2f53f37fa1ecc89f1146f@%3Cdevnull.infra.apache.org%3E

Patch

https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html

MISC

https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

REDHAT

https://access.redhat.com/errata/RHSA-2019:3701

CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-936080.pdf

CPE URI	Source package	Min version	Max version
`cpe:2.3:a:haxx:libcurl::::::::`	libcurl	>= 7.34.0	< 7.64.0

CPE URI

Source package

Min version

Max version

cpe:2.3:a:haxx:libcurl:*:*:*:*:*:*:*:*

libcurl

>= 7.34.0

< 7.64.0

Vulnerable and fixed packages

Source package	Branch	Version	Maintainer	Status
curl	edge-main	7.64.0-r0	None	fixed
curl	3.22-main	7.64.0-r0	None	fixed
curl	3.21-main	7.64.0-r0	None	fixed
curl	3.20-main	7.64.0-r0	None	fixed
curl	3.19-main	7.64.0-r0	None	fixed
curl	3.18-main	7.64.0-r0	None	fixed
curl	3.17-main	7.64.0-r0	None	fixed
curl	3.12-main	7.64.0-r0	None	fixed
curl	3.11-main	7.64.0-r0	None	fixed
curl	3.10-main	7.64.0-r0	None	fixed

Source package

Branch

Version

Maintainer

Status

curl

edge-main

7.64.0-r0

None

fixed

curl

3.22-main