exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 9 of 9 RSS Feed

CVE-2023-38546

Status Candidate

Overview

This flaw allows an attacker to insert cookies at will into a running program using libcurl, if the specific series of conditions are met. libcurl performs transfers. In its API, an application creates "easy handles" that are the individual handles for single transfers. libcurl provides a function call that duplicates en easy handle called [curl_easy_duphandle](https://curl.se/libcurl/c/curl_easy_duphandle.html). If a transfer has cookies enabled when the handle is duplicated, the cookie-enable state is also cloned - but without cloning the actual cookies. If the source handle did not read any cookies from a specific file on disk, the cloned version of the handle would instead store the file name as `none` (using the four ASCII letters, no quotes). Subsequent use of the cloned handle that does not explicitly set a source to load cookies from would then inadvertently load cookies from a file named `none` - if such a file exists and is readable in the current directory of the program using libcurl. And if using the correct file format of course.

Related Files

Red Hat Security Advisory 2024-2101-03
Posted Apr 30, 2024
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2024-2101-03 - Updated Satellite Client packages that fixes Low security bugs and regular bugs are now available for Red Hat Satellite.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-38546
SHA-256 | 6d1bd43c071e36b9442c46a86fdad9287419f5e723b0bea841209d90b0858d8c
Download | Favorite | View
Apple Security Advisory 01-22-2024-7
Posted Jan 29, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 01-22-2024-7 - macOS Monterey 12.7.3 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222
SHA-256 | f47b5cc3fc3e2932c779a5e08268ff04f0c8b72f286e970997597391f2eb5f5b
Download | Favorite | View
Apple Security Advisory 01-22-2024-6
Posted Jan 29, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 01-22-2024-6 - macOS Ventura 13.6.4 addresses bypass and code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-40528, CVE-2023-42887, CVE-2023-42888, CVE-2023-42915, CVE-2023-42935, CVE-2023-42937, CVE-2024-23207, CVE-2024-23212, CVE-2024-23222, CVE-2024-23224
SHA-256 | 47401dee058f86008aabd7e82b8eacb1135f296db5a860fbaf2791d6ee670c04
Download | Favorite | View
Apple Security Advisory 01-22-2024-3
Posted Jan 26, 2024
Authored by Apple | Site apple.com

Apple Security Advisory 01-22-2024-3 - iOS 16.7.5 and iPadOS 16.7.5 addresses code execution vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-38039, CVE-2023-38545, CVE-2023-38546, CVE-2023-42888, CVE-2023-42915, CVE-2023-42937, CVE-2024-23206, CVE-2024-23211, CVE-2024-23212, CVE-2024-23213, CVE-2024-23214, CVE-2024-23222
SHA-256 | f808342c47a19d49aca6649451e4d052f6ea01681c6945bc9ba9ef843c24277b
Download | Favorite | View
Red Hat Security Advisory 2023-7540-01
Posted Nov 29, 2023
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2023-7540-01 - An update for curl is now available for Red Hat Enterprise Linux 8.8 Extended Update Support.

tags | advisory
systems | linux, redhat
advisories | CVE-2023-38546
SHA-256 | 7f766142ae22b65ea11126c096f7347755f478a487ac8fcb0934746041f42e9f
Download | Favorite | View
Ubuntu Security Notice USN-6429-3
Posted Oct 17, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6429-3 - USN-6429-1 fixed vulnerabilities in curl. This update provides the corresponding updates for Ubuntu 23.10. Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections.

tags | advisory, remote, arbitrary, local, vulnerability
systems | linux, ubuntu
advisories | CVE-2023-38545, CVE-2023-38546
SHA-256 | d1725e2867219ce04c36896ee359cb48113c317935ea121e2af01b7b802e2783
Download | Favorite | View
Ubuntu Security Notice USN-6429-2
Posted Oct 12, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6429-2 - USN-6429-1 fixed a vulnerability in curl. This update provides the corresponding update for Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections.

tags | advisory, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-38546
SHA-256 | 211a76272374a882b7a467a4ffd2ecb79519a76199cb3aad13e8f2d5864a2e82
Download | Favorite | View
Debian Security Advisory 5523-1
Posted Oct 11, 2023
Authored by Debian | Site debian.org

Debian Linux Security Advisory 5523-1 - Two security issues were found in Curl, an easy-to-use client-side URL transfer library and command line tool.

tags | advisory
systems | linux, debian
advisories | CVE-2023-38545, CVE-2023-38546
SHA-256 | 6f8cac21edc730d0834c13186c9df39c586cd8ff7546f9e0e8f727ca7b9552ec
Download | Favorite | View
Ubuntu Security Notice USN-6429-1
Posted Oct 11, 2023
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 6429-1 - Jay Satiro discovered that curl incorrectly handled hostnames when using a SOCKS5 proxy. In environments where curl is configured to use a SOCKS5 proxy, a remote attacker could possibly use this issue to execute arbitrary code. This issue only affected Ubuntu 22.04 LTS, and Ubuntu 23.04. It was discovered that curl incorrectly handled cookies when an application duplicated certain handles. A local attacker could possibly create a cookie file and inject arbitrary cookies into subsequent connections.

tags | advisory, remote, arbitrary, local
systems | linux, ubuntu
advisories | CVE-2023-38545, CVE-2023-38546
SHA-256 | cdf87ef50399c95276fdc38c6e1cbde856743680fa9b47c87c04c69d255f590a
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

May 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    May 1st
    44 Files
  • 2
    May 2nd
    5 Files
  • 3
    May 3rd
    11 Files
  • 4
    May 4th
    0 Files
  • 5
    May 5th
    0 Files
  • 6
    May 6th
    28 Files
  • 7
    May 7th
    0 Files
  • 8
    May 8th
    0 Files
  • 9
    May 9th
    0 Files
  • 10
    May 10th
    0 Files
  • 11
    May 11th
    0 Files
  • 12
    May 12th
    0 Files
  • 13
    May 13th
    0 Files
  • 14
    May 14th
    0 Files
  • 15
    May 15th
    0 Files
  • 16
    May 16th
    0 Files
  • 17
    May 17th
    0 Files
  • 18
    May 18th
    0 Files
  • 19
    May 19th
    0 Files
  • 20
    May 20th
    0 Files
  • 21
    May 21st
    0 Files
  • 22
    May 22nd
    0 Files
  • 23
    May 23rd
    0 Files
  • 24
    May 24th
    0 Files
  • 25
    May 25th
    0 Files
  • 26
    May 26th
    0 Files
  • 27
    May 27th
    0 Files
  • 28
    May 28th
    0 Files
  • 29
    May 29th
    0 Files
  • 30
    May 30th
    0 Files
  • 31
    May 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close