CVE-2006-1061 - Vulnerability Details - OpenCVE

Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Daniel Stenberg	Curl

Configuration 1 [-]

OR	cpe:2.3:a:daniel_stenberg:curl:7.15.0:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.15.1:::::::*
	cpe:2.3:a:daniel_stenberg:curl:7.15.2:::::::*

No data.

References

Link	Providers
http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1326.html
http://curl.haxx.se/docs/adv_20060320.html
http://secunia.com/advisories/19271
http://secunia.com/advisories/19335
http://secunia.com/advisories/19344
http://secunia.com/advisories/19371
http://www.gentoo.org/security/en/glsa/glsa-200603-19.xml
http://www.osvdb.org/23982
http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00048.html
http://www.securityfocus.com/bid/17154
http://www.trustix.org/errata/2006/0016
http://www.vupen.com/english/advisories/2006/1008
https://exchange.xforce.ibmcloud.com/vulnerabilities/25318

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2006-03-21T01:00:00

Updated: 2024-08-07T16:56:15.565Z

Reserved: 2006-03-07T00:00:00

Link: CVE-2006-1061

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2006-03-21T01:06:00.000

Modified: 2025-04-03T01:03:51.193

Link: CVE-2006-1061

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2006-03-20T00:00:00", "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-07-19T15:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "FEDORA-2006-189", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00048.html"}, {"name": "19371", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19371"}, {"name": "GLSA-200603-19", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-19.xml"}, {"name": "ADV-2006-1008", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2006/1008"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://curl.haxx.se/docs/adv_20060320.html"}, {"name": "19335", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19335"}, {"name": "17154", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/17154"}, {"name": "23982", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://www.osvdb.org/23982"}, {"name": "20060320 [SSAG#001] :: cURL tftp:// URL Buffer Overflow", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1326.html"}, {"name": "2006-0016", "tags": ["vendor-advisory", "x_refsource_TRUSTIX"], "url": "http://www.trustix.org/errata/2006/0016"}, {"name": "19271", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19271"}, {"name": "curl-tftp-bo(25318)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25318"}, {"name": "19344", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/19344"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2006-1061", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "FEDORA-2006-189", "refsource": "FEDORA", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00048.html"}, {"name": "19371", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19371"}, {"name": "GLSA-200603-19", "refsource": "GENTOO", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-19.xml"}, {"name": "ADV-2006-1008", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2006/1008"}, {"name": "http://curl.haxx.se/docs/adv_20060320.html", "refsource": "CONFIRM", "url": "http://curl.haxx.se/docs/adv_20060320.html"}, {"name": "19335", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19335"}, {"name": "17154", "refsource": "BID", "url": "http://www.securityfocus.com/bid/17154"}, {"name": "23982", "refsource": "OSVDB", "url": "http://www.osvdb.org/23982"}, {"name": "20060320 [SSAG#001] :: cURL tftp:// URL Buffer Overflow", "refsource": "FULLDISC", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1326.html"}, {"name": "2006-0016", "refsource": "TRUSTIX", "url": "http://www.trustix.org/errata/2006/0016"}, {"name": "19271", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19271"}, {"name": "curl-tftp-bo(25318)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25318"}, {"name": "19344", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/19344"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T16:56:15.565Z"}, "title": "CVE Program Container", "references": [{"name": "FEDORA-2006-189", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00048.html"}, {"name": "19371", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19371"}, {"name": "GLSA-200603-19", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-19.xml"}, {"name": "ADV-2006-1008", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2006/1008"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://curl.haxx.se/docs/adv_20060320.html"}, {"name": "19335", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19335"}, {"name": "17154", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/17154"}, {"name": "23982", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://www.osvdb.org/23982"}, {"name": "20060320 [SSAG#001] :: cURL tftp:// URL Buffer Overflow", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1326.html"}, {"name": "2006-0016", "tags": ["vendor-advisory", "x_refsource_TRUSTIX", "x_transferred"], "url": "http://www.trustix.org/errata/2006/0016"}, {"name": "19271", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19271"}, {"name": "curl-tftp-bo(25318)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25318"}, {"name": "19344", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/19344"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2006-1061", "datePublished": "2006-03-21T01:00:00", "dateReserved": "2006-03-07T00:00:00", "dateUpdated": "2024-08-07T16:56:15.565Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.15.0:*:*:*:*:*:*:*", "matchCriteriaId": "2AC07A04-1E66-4054-ACB1-667D1D7A914C", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.15.1:*:*:*:*:*:*:*", "matchCriteriaId": "E09A7C68-B570-4495-896C-2B5ABA191CC5", "vulnerable": true}, {"criteria": "cpe:2.3:a:daniel_stenberg:curl:7.15.2:*:*:*:*:*:*:*", "matchCriteriaId": "0E40A18E-3B2A-48C2-B253-A4AC53D60C79", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path."}], "evaluatorSolution": "Update to version 7.15.3.", "id": "CVE-2006-1061", "lastModified": "2025-04-03T01:03:51.193", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2006-03-21T01:06:00.000", "references": [{"source": "secalert@redhat.com", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1326.html"}, {"source": "secalert@redhat.com", "url": "http://curl.haxx.se/docs/adv_20060320.html"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19271"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19335"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19344"}, {"source": "secalert@redhat.com", "url": "http://secunia.com/advisories/19371"}, {"source": "secalert@redhat.com", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-19.xml"}, {"source": "secalert@redhat.com", "url": "http://www.osvdb.org/23982"}, {"source": "secalert@redhat.com", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00048.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/17154"}, {"source": "secalert@redhat.com", "url": "http://www.trustix.org/errata/2006/0016"}, {"source": "secalert@redhat.com", "url": "http://www.vupen.com/english/advisories/2006/1008"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25318"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1326.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://curl.haxx.se/docs/adv_20060320.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "http://secunia.com/advisories/19271"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19335"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19344"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://secunia.com/advisories/19371"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.gentoo.org/security/en/glsa/glsa-200603-19.xml"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.osvdb.org/23982"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00048.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securityfocus.com/bid/17154"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.trustix.org/errata/2006/0016"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.vupen.com/english/advisories/2006/1008"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/25318"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-Other"}], "source": "nvd@nist.gov", "type": "Primary"}]}