Sid 1-41853

Message

OS-LINUX cURL and libcurl set-cookie remote code execution attempt

Summary

This event is generated when a remote code execution attempt is detected in cURL or libcurl.

Impact

Attempted User Privilege Gain

CVE-2015-3145:

CVSS base score 7.5

CVSS impact score 6.4

CVSS exploitability score 10.0

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

Detailed information

CVE-2015-3145: The `sanitize_cookie_path` function in cURL and libcurl 7.31.0 through 7.41.0 does not properly calculate an index, which allows remote attackers to cause a denial of service (out-of-bounds write and crash) or possibly have other unspecified impact via a cookie path containing only a double-quote character.
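The index error described above, shown as an added illustration: a cookie-path sanitizer with the missing length check in place. This is not curl's source and not the logic of this Snort rule; the names `sanitize_path_checked` and `dup_str` are hypothetical.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: heap copy of a NUL-terminated string. */
static char *dup_str(const char *s)
{
    size_t n = strlen(s) + 1;
    char *d = malloc(n);
    if (d)
        memcpy(d, s, n);
    return d;
}

/*
 * Illustrative cookie-path sanitizer (not curl's code).
 * Strips one leading and one trailing double quote, then falls back to
 * the default path "/" when the result does not start with '/'.
 * The caller frees the result; NULL means allocation failure.
 */
char *sanitize_path_checked(const char *cookie_path)
{
    char *p = dup_str(cookie_path);
    size_t len;

    if (!p)
        return NULL;

    /* Drop a leading quote; the move includes the terminating NUL. */
    if (p[0] == '"')
        memmove(p, p + 1, strlen(p));

    /*
     * For a path that is only a double quote, the string is empty here,
     * so an unchecked p[strlen(p) - 1] would index before the buffer.
     * Touch the last byte only when one exists.
     */
    len = strlen(p);
    if (len > 0 && p[len - 1] == '"')
        p[--len] = '\0';

    /* Anything not starting with '/' becomes the default path. */
    if (p[0] != '/') {
        free(p);
        return dup_str("/");
    }

    /* Normalise "/dir/" to "/dir", but keep a bare "/". */
    if (len > 1 && p[len - 1] == '/')
        p[len - 1] = '\0';
    return p;
}
```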

Affected systems

  • haxx curl 7.31.0
  • haxx curl 7.32.0
  • haxx curl 7.33.0
  • haxx curl 7.34.0
  • haxx curl 7.35.0
  • haxx curl 7.36.0
  • haxx curl 7.37.0
  • haxx curl 7.37.1
  • haxx curl 7.38.0
  • haxx curl 7.39.0
  • haxx curl 7.40.0
  • haxx curl 7.41.0
  • haxx libcurl 7.30.0
  • haxx libcurl 7.31.0
  • haxx libcurl 7.32.0
  • haxx libcurl 7.33.0
  • haxx libcurl 7.34.0
  • haxx libcurl 7.35.0
  • haxx libcurl 7.36.0
  • haxx libcurl 7.37.0
  • haxx libcurl 7.37.1
  • haxx libcurl 7.38.0
  • haxx libcurl 7.39
  • haxx libcurl 7.40.0
  • haxx libcurl 7.41.0
  • hp systemmanagementhomepage 7.5.3.1
  • apple macosx 10.10.0
  • apple macosx 10.10.1
  • apple macosx 10.10.2
  • apple macosx 10.10.3
  • apple macosx 10.10.4
  • canonical ubuntu_linux 12.04
  • canonical ubuntu_linux 14.04
  • canonical ubuntu_linux 14.10
  • canonical ubuntu_linux 15.04
  • debian debian_linux 7.0
  • fedoraproject fedora 21
  • fedoraproject fedora 22
  • novell opensuse 13.1
  • novell opensuse 13.2
  • oracle solaris 11.3

Ease of attack

CVE-2015-3145:

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

False positives

None Known

False negatives

None Known

Corrective action

Contributors

  • Cisco's Talos Intelligence Group

Additional References