CVE-2013-1944

Description

The tailMatch function in cookie.c in cURL and libcurl before 7.30.0 does not properly match the path domain when sending cookies, which allows remote attackers to steal cookies via a matching suffix in the domain of a URL.

CVSS Metrics

• v2.0•MEDIUM•Score: 5AV:N/AC:L/Au:N/C:P/I:N/A:N

EPSS Trends

Current EPSS score: 2.48%• Percentile: 86%

Techniques & Countermeasures

• CWE-200•Exposure of Sensitive Information to an Unauthorized Actor

  The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Affected Systems

• canonical•ubuntu_linux

  8.04 | 10.04 | 11.10 | 12.04 | 12.10

• haxx•curl

  ≤ 7.29.0 | 6.0 | 6.1 | 6.1:beta | 6.2 | 6.3 | 6.3.1 | 6.4 | 6.5 | 6.5.1 | 6.5.2 | 7.1 | 7.1.1 | 7.2 | 7.2.1 | 7.3 | 7.4 | 7.4.1 | 7.4.2 | 7.5.1 | 7.5.2 | 7.6 | 7.6.1 | 7.7 | 7.7.1 | 7.7.2 | 7.7.3 | 7.8 | 7.8.1 | 7.9 | 7.9.1 | 7.9.2 | 7.9.3 | 7.9.4 | 7.9.5 | 7.9.6 | 7.9.7 | 7.9.8 | 7.10 | 7.10.1 | 7.10.2 | 7.10.3 | 7.10.4 | 7.10.5 | 7.10.6 | 7.10.7 | 7.10.8 | 7.11.0 | 7.11.1 | 7.11.2 | 7.12.0 | 7.12.1 | 7.12.2 | 7.12.3 | 7.13.0 | 7.13.1 | 7.13.2 | 7.14.0 | 7.14.1 | 7.15.0 | 7.15.1 | 7.15.2 | 7.15.3 | 7.15.4 | 7.15.5 | 7.16.0 | 7.16.1 | 7.16.2 | 7.16.3 | 7.16.4 | 7.17.0 | 7.17.1 | 7.18.0 | 7.18.1 | 7.18.2 | 7.19.0 | 7.19.1 | 7.19.2 | 7.19.3 | 7.19.4 | 7.19.5 | 7.19.6 | 7.19.7 | 7.20.0 | 7.20.1 | 7.21.0 | 7.21.1 | 7.21.2 | 7.21.3 | 7.21.4 | 7.21.5 | 7.21.6 | 7.21.7 | 7.22.0 | 7.23.0 | 7.23.1 | 7.24.0 | 7.25.0 | 7.26.0 | 7.27.0 | 7.28.0 | 7.28.1

• haxx•libcurl

  ≤ 7.29.0 | 7.14.0 | 7.14.1 | 7.15.0 | 7.15.1 | 7.15.2 | 7.15.3 | 7.15.4 | 7.15.5 | 7.16.0 | 7.16.2 | 7.16.3 | 7.16.4 | 7.17.0 | 7.17.1 | 7.18.0 | 7.18.2 | 7.19.3 | 7.20.0 | 7.21.2 | 7.22.0 | 7.23.0 | 7.28.0 | 7.28.1

References (23)

• http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html
• http://www.mandriva.com/security/advisories?name=MDVSA-2013:151
• http://www.osvdb.org/92316
• http://www.debian.org/security/2012/dsa-2660
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104598.html
• http://www.ubuntu.com/usn/USN-1801-1
• https://bugzilla.redhat.com/show_bug.cgi?id=950577
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/104207.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102056.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-April/102711.html
• http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
• http://curl.haxx.se/docs/adv_20130412.html
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00016.html
• https://wiki.mageia.org/en/Support/Advisories/MGASA-2013-0121
• http://www.securityfocus.com/bid/59058
• http://secunia.com/advisories/53044
• http://rhn.redhat.com/errata/RHSA-2013-0771.html
• http://secunia.com/advisories/53051
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105539.html
• http://lists.fedoraproject.org/pipermail/package-announce/2013-May/106606.html
• http://secunia.com/advisories/53097
• http://lists.opensuse.org/opensuse-updates/2013-06/msg00013.html
• https://github.com/bagder/curl/commit/2eb8dcf26cb37f09cffe26909a646e702dbcab66