CVE-2018-16890

libcurl versions from 7.36.0 to before 7.64.0 is vulnerable to a heap buffer out-of-bounds read. The function handling incoming NTLM type-2 messages (`lib/vauth/ntlm.c:ntlm_decode_type2_target`) does not validate incoming data correctly and is subject to an integer overflow vulnerability. Using that overflow, a malicious or broken NTLM server could trick libcurl to accept a bad length + offset combination that would lead to a buffer read out-of-bounds.

Published : 2019-02-06 20:29 Updated : 2019-04-26 15:58

5.0
CVSS Score More info
Score 5.0 / 10
5.0
Vendor Product Version URI
Haxx Libcurl 7.36.0 cpe:/a:haxx:libcurl:7.36.0
Haxx Libcurl 7.37.0 cpe:/a:haxx:libcurl:7.37.0
Haxx Libcurl 7.37.1 cpe:/a:haxx:libcurl:7.37.1
Haxx Libcurl 7.38.0 cpe:/a:haxx:libcurl:7.38.0
Haxx Libcurl 7.39 cpe:/a:haxx:libcurl:7.39
Haxx Libcurl 7.39.0 cpe:/a:haxx:libcurl:7.39.0
Haxx Libcurl 7.40.0 cpe:/a:haxx:libcurl:7.40.0
Haxx Libcurl 7.41.0 cpe:/a:haxx:libcurl:7.41.0
Haxx Libcurl 7.42 cpe:/a:haxx:libcurl:7.42
Haxx Libcurl 7.42.0 cpe:/a:haxx:libcurl:7.42.0
Haxx Libcurl 7.42.1 cpe:/a:haxx:libcurl:7.42.1
Haxx Libcurl 7.43.0 cpe:/a:haxx:libcurl:7.43.0
Haxx Libcurl 7.44.0 cpe:/a:haxx:libcurl:7.44.0
Haxx Libcurl 7.45.0 cpe:/a:haxx:libcurl:7.45.0
Haxx Libcurl 7.46.0 cpe:/a:haxx:libcurl:7.46.0
Haxx Libcurl 7.47.0 cpe:/a:haxx:libcurl:7.47.0
Haxx Libcurl 7.47.1 cpe:/a:haxx:libcurl:7.47.1
Haxx Libcurl 7.48.0 cpe:/a:haxx:libcurl:7.48.0
Haxx Libcurl 7.49.0 cpe:/a:haxx:libcurl:7.49.0
Haxx Libcurl 7.49.1 cpe:/a:haxx:libcurl:7.49.1
Haxx Libcurl 7.50.0 cpe:/a:haxx:libcurl:7.50.0
Haxx Libcurl 7.50.1 cpe:/a:haxx:libcurl:7.50.1
Haxx Libcurl 7.50.2 cpe:/a:haxx:libcurl:7.50.2
Haxx Libcurl 7.50.3 cpe:/a:haxx:libcurl:7.50.3
Haxx Libcurl 7.51.0 cpe:/a:haxx:libcurl:7.51.0
Haxx Libcurl 7.52.0 cpe:/a:haxx:libcurl:7.52.0
Haxx Libcurl 7.52.1 cpe:/a:haxx:libcurl:7.52.1
Haxx Libcurl 7.53.0 cpe:/a:haxx:libcurl:7.53.0
Haxx Libcurl 7.53.1 cpe:/a:haxx:libcurl:7.53.1
Haxx Libcurl 7.54.0 cpe:/a:haxx:libcurl:7.54.0
Haxx Libcurl 7.54.1 cpe:/a:haxx:libcurl:7.54.1
Haxx Libcurl 7.55.0 cpe:/a:haxx:libcurl:7.55.0
Haxx Libcurl 7.55.1 cpe:/a:haxx:libcurl:7.55.1
Haxx Libcurl 7.56.0 cpe:/a:haxx:libcurl:7.56.0
Haxx Libcurl 7.56.1 cpe:/a:haxx:libcurl:7.56.1
Haxx Libcurl 7.57.0 cpe:/a:haxx:libcurl:7.57.0
Haxx Libcurl 7.58.0 cpe:/a:haxx:libcurl:7.58.0
Haxx Libcurl 7.59.0 cpe:/a:haxx:libcurl:7.59.0
Haxx Libcurl 7.60.0 cpe:/a:haxx:libcurl:7.60.0
Haxx Libcurl 7.61.0 cpe:/a:haxx:libcurl:7.61.0
Haxx Libcurl 7.61.1 cpe:/a:haxx:libcurl:7.61.1
Haxx Libcurl 7.62.0 cpe:/a:haxx:libcurl:7.62.0
Haxx Libcurl 7.63.0 cpe:/a:haxx:libcurl:7.63.0
Canonical Ubuntu Linux 16.04 cpe:/o:canonical:ubuntu_linux:16.04::~~lts~~~
Canonical Ubuntu Linux 18.04 cpe:/o:canonical:ubuntu_linux:18.04::~~lts~~~
Canonical Ubuntu Linux 18.10 cpe:/o:canonical:ubuntu_linux:18.10
Debian Debian Linux 9.0 cpe:/o:debian:debian_linux:9.0
Canonical Ubuntu Linux 14.04 cpe:/o:canonical:ubuntu_linux:14.04::~~lts~~~
Oracle Communications Operations Monitor 3.4 cpe:/a:oracle:communications_operations_monitor:3.4
Oracle Communications Operations Monitor 4.0 cpe:/a:oracle:communications_operations_monitor:4.0
Oracle Http Server 12.2.1.3.0 cpe:/a:oracle:http_server:12.2.1.3.0
Oracle Secure Global Desktop 5.4 cpe:/a:oracle:secure_global_desktop:5.4
Siemens Sinema Remote Connect Client 2.0 cpe:/a:siemens:sinema_remote_connect_client:2.0
Netapp Clustered Data Ontap cpe:/o:netapp:clustered_data_ontap
  1. Siemens (1) Search CVE
    1. Sinema Remote Connect Client (1) Search CVE
      1. 2.0
  2. Oracle (3) Search CVE
    1. Communications Operations Monitor (2) Search CVE
      1. 3.4
      2. 4.0
    2. Http Server (1) Search CVE
      1. 12.2.1.3.0
    3. Secure Global Desktop (1) Search CVE
      1. 5.4
  3. Netapp (1) Search CVE
    1. Clustered Data Ontap (1) Search CVE
  4. Debian (1) Search CVE
    1. Debian Linux (1) Search CVE
      1. 9.0
  5. Canonical (1) Search CVE
    1. Ubuntu Linux (4) Search CVE
      1. 16.04
      2. 18.04
      3. 18.10
      4. 14.04
  6. Haxx (1) Search CVE
    1. Libcurl (43) Search CVE
      1. 7.36.0
      2. 7.37.0
      3. 7.37.1
      4. 7.38.0
      5. 7.39
      6. 7.39.0
      7. 7.40.0
      8. 7.41.0
      9. 7.42
      10. 7.42.0
      11. 7.42.1
      12. 7.43.0
      13. 7.44.0
      14. 7.45.0
      15. 7.46.0
      16. 7.47.0
      17. 7.47.1
      18. 7.48.0
      19. 7.49.0
      20. 7.49.1
      21. 7.50.0
      22. 7.50.1
      23. 7.50.2
      24. 7.50.3
      25. 7.51.0
      26. 7.52.0
      27. 7.52.1
      28. 7.53.0
      29. 7.53.1
      30. 7.54.0
      31. 7.54.1
      32. 7.55.0
      33. 7.55.1
      34. 7.56.0
      35. 7.56.1
      36. 7.57.0
      37. 7.58.0
      38. 7.59.0
      39. 7.60.0
      40. 7.61.0
      41. 7.61.1
      42. 7.62.0
      43. 7.63.0

CWE

ID Name Description Links
CWE-125 Out-of-bounds Read The software reads data past the end, or before the beginning, of the intended buffer. CVE

History of changes

Date Event
2019-04-26 15:58
2019-04-23 19:31
2019-04-09 13:29
2019-03-25 19:57
2019-03-15 10:29
2019-02-15 19:01
2019-02-13 17:46
2019-02-09 11:29
2019-02-07 11:29
2019-02-06 20:29

New CVE