Home

CVE-2019-3822

Description

libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header (lib/vauth/ntlm.c:Curl_auth_create_ntlm_type3_message()), generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from getting overflowed is implemented wrongly (using unsigned math) and as such it does not prevent the overflow from happening. This output data can grow larger than the local buffer if very large nt response data is extracted from a previous NTLMv2 header provided by the malicious or broken HTTP server. Such a large value needs to be around 1000 bytes or more. The actual payload data copied to the target buffer comes from the NTLMv2 type-2 response header.

Risk Information

Base Score
9.8
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
27.871

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Mysql 8.0.15Windows
Multiple vulnerabilities are affected in Mysql 5.7.26Windows
Vulnerabilities CVE-2018-16890,CVE-2019-3822,CVE-2019-3823 are affected in Curl For Windows 7.63.0Windows
Vulnerabilities CVE-2018-16890,CVE-2019-3822,CVE-2019-3823 are fixed in Curl For Windows 7.64.0Windows
Multiple Vulnerabilities are affected in Netapp Snapcenter -Windows
Multiple Vulnerabilities are affected in Netapp Oncommand Workflow Automation -Windows
Multiple Vulnerabilities are affected in Netapp Oncommand Insight -Windows
Multiple Vulnerabilities are affected in Netapp Active Iq Unified Manager 2.3Windows
Multiple vulnerabilities are affected in Oracle HTTP Server 12.2.1.3.0Windows
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) curl_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) curl_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) curl_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) curl_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-nss_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-nss_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-nss_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-nss_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-gnutls_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-gnutls_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-gnutls_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3648-1) libcurl3-gnutls_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) curl_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) curl_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) libcurl4_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) libcurl4_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) libcurl3-nss_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) libcurl3-nss_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) libcurl3-gnutls_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3710-1) libcurl3-gnutls_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) curl_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) curl_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) curl_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) curl_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) curl_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) curl_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl4_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl4_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-nss_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-nss_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-nss_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-nss_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-nss_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-nss_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-gnutls_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-gnutls_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-gnutls_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-gnutls_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-gnutls_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3765-1) libcurl3-gnutls_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.61.0-1ubuntu2.3_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.61.0-1ubuntu2.3_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) curl_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl4_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl4_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl4_7.61.0-1ubuntu2.3_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl4_7.61.0-1ubuntu2.3_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.61.0-1ubuntu2.3_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.61.0-1ubuntu2.3_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-nss_7.47.0-1ubuntu2.12_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.58.0-2ubuntu3.6_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.58.0-2ubuntu3.6_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.61.0-1ubuntu2.3_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.61.0-1ubuntu2.3_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.35.0-1ubuntu2.20_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.35.0-1ubuntu2.20_amd64.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.47.0-1ubuntu2.12_i386.debLinux
HTTP, HTTPS, and FTP client and client libraries (USN-3882-1) libcurl3-gnutls_7.47.0-1ubuntu2.12_amd64.debLinux
curl security update(DSA-4386-1) curl_7.52.1-5+deb9u9_i386.debLinux
curl security update(DSA-4386-1) curl_7.52.1-5+deb9u9_amd64.debLinux
SUSE-SU-2019:0249-1(SUSE Linux Enterprise Desktop 12-SP3 ) curl-7.37.0-37.34.1.x86_64.rpmLinux
SUSE-SU-2019:0249-1(SUSE Linux Enterprise Desktop 12-SP3 ) curl-debuginfo-7.37.0-37.34.1.x86_64.rpmLinux
SUSE-SU-2019:0249-1(SUSE Linux Enterprise Desktop 12-SP3 ) curl-debugsource-7.37.0-37.34.1.x86_64.rpmLinux
SUSE-SU-2019:0249-1(SUSE Linux Enterprise Desktop 12-SP3 ) libcurl4-7.37.0-37.34.1.x86_64.rpmLinux
SUSE-SU-2019:0249-1(SUSE Linux Enterprise Desktop 12-SP3 ) libcurl4-32bit-7.37.0-37.34.1.x86_64.rpmLinux
SUSE-SU-2019:0249-1(SUSE Linux Enterprise Desktop 12-SP3 ) libcurl4-debuginfo-7.37.0-37.34.1.x86_64.rpmLinux
SUSE-SU-2019:0249-1(SUSE Linux Enterprise Desktop 12-SP3 ) libcurl4-debuginfo-32bit-7.37.0-37.34.1.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234