Platform: curl
Component: curl
Fixed in: 7.51.1
CVE-2016-8615 is a vulnerability in curl version 7.51.0 that allows malicious HTTP servers to inject arbitrary cookies into cookie jar files. This can lead to session hijacking and unauthorized access to sensitive data. The vulnerability stems from how curl handles cookie state when writing to and reading from cookie jar files. A fix is available in version 7.51.1.
An attacker can exploit this vulnerability by crafting a malicious HTTP response that includes specially crafted cookies. When curl writes this response to a cookie jar file, the attacker can later inject arbitrary cookies for any domain into the jar. Subsequently, when curl reads this cookie jar file and makes requests to other websites, it will unknowingly include the attacker's injected cookies. This can lead to session hijacking, where the attacker can impersonate a legitimate user, or to unauthorized access to sensitive data. The impact is particularly severe if the cookie jar file is shared across multiple applications or users.
CVE-2016-8615 was publicly disclosed on August 1, 2018. While no active exploitation campaigns have been definitively linked to this vulnerability, the potential for session hijacking makes it a valuable target for attackers. There are publicly available proof-of-concept exploits demonstrating the vulnerability. It is not currently listed on CISA KEV.
Systems using curl 7.51.0, particularly those that rely on cookie jar files for authentication or session management, are at risk. Shared hosting environments where multiple users share the same curl configuration are also particularly vulnerable, as an attacker could potentially inject cookies affecting all users on the shared server.
• linux / server:
find / \( -name '*.bak' -o -name '*.txt' -o -name '*.sqlite' \) -print0 | xargs -0 grep -i 'cookie='
• generic web:
curl -sI <target_url> | grep -i 'Set-Cookie:'
The primary mitigation for CVE-2016-8615 is to upgrade to curl version 7.51.1 or later. If upgrading is not immediately feasible, consider implementing temporary workarounds such as disabling cookie jar file usage or carefully validating the contents of cookie jar files before use. WAFs can be configured to inspect HTTP responses for suspicious cookie headers. Monitor curl logs for unusual cookie activity. After upgrading, confirm the fix by attempting to reproduce the vulnerability with a known malicious HTTP server and verifying that the injected cookies are not included in subsequent requests.
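One way to carry out the "validate the cookie jar before use" workaround, shown as an added example that is not part of the original page or of curl itself. It assumes the Netscape cookie file layout that curl writes (seven tab-separated fields, with a `#HttpOnly_` prefix for HttpOnly cookies); the `MAX_LINE` limit, the allowlist and the sample jar are constructed for illustration.

```python
import io

MAX_LINE = 4096          # assumed conservative limit, not a value from the page
HTTPONLY = "#HttpOnly_"  # prefix curl puts in front of HttpOnly cookie lines

def domain_allowed(domain, allowed):
    """True if domain equals, or is a subdomain of, an allowlisted domain."""
    d = domain.lstrip(".").lower()
    return any(d == a or d.endswith("." + a) for a in allowed)

def validate_jar(lines, allowed_domains):
    """Return (line_number, reason) findings; an empty list means the jar is clean."""
    findings = []
    for n, raw in enumerate(lines, 1):
        line = raw.rstrip("\r\n")
        if len(line) > MAX_LINE:
            findings.append((n, "line too long"))
            continue
        if line.startswith(HTTPONLY):
            line = line[len(HTTPONLY):]
        elif not line.strip() or line.startswith("#"):
            continue  # blank line or ordinary comment
        fields = line.split("\t")
        if len(fields) != 7:
            findings.append((n, "expected 7 tab-separated fields"))
            continue
        domain, subdomains, path, secure, expiry, name, value = fields
        if subdomains not in ("TRUE", "FALSE") or secure not in ("TRUE", "FALSE"):
            findings.append((n, "bad TRUE/FALSE flag"))
        elif not expiry.isdigit():
            findings.append((n, "non-numeric expiry"))
        elif not domain_allowed(domain, allowed_domains):
            findings.append((n, "unexpected domain: " + domain))
    return findings

# Constructed sample jar: two valid entries followed by four that should be rejected.
SAMPLE_JAR = (
    "# Netscape HTTP Cookie File\n"
    "\n"
    ".example.com\tTRUE\t/\tFALSE\t0\tsid\tabc123\n"
    "#HttpOnly_api.example.com\tFALSE\t/\tTRUE\t1893456000\ttoken\txyz\n"
    "bank.test\tFALSE\t/\tFALSE\t0\tsession\tinjected\n"
    "example.com\tFALSE\t/\tFALSE\tsoon\tk\tv\n"
    "example.com\tFALSE\t/\tFALSE\t0\tpad\t" + "A" * 5000 + "\n"
    "broken line without tabs\n"
)

def check_sample():
    return validate_jar(io.StringIO(SAMPLE_JAR), {"example.com"})

if __name__ == "__main__":
    for n, reason in check_sample():
        print(f"line {n}: {reason}")
```

Treat any finding as a reason to discard the jar rather than to repair it, since a jar that fails validation cannot be trusted for any domain it lists.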
Upgrade to version 7.51.1 or later to mitigate the vulnerability. This update fixes how curl handles cookies, preventing malicious servers from injecting arbitrary cookies into the cookie jar.
CVE-2016-8615 is a vulnerability in curl 7.51.0 that allows malicious servers to inject cookies into cookie jar files, potentially leading to session hijacking.
If you are using curl version 7.51.0 and rely on cookie jar files, you are potentially affected. Upgrade to 7.51.1 or later to mitigate the risk.
The recommended fix is to upgrade to curl version 7.51.1 or a later version. If upgrading is not possible, consider temporary workarounds like disabling cookie jar usage.
While no confirmed active exploitation campaigns are publicly known, the potential for session hijacking makes it a valuable target, and proof-of-concept exploits are available.
Refer to the curl security advisory for detailed information: https://curl.se/security/CVE-2016-8615.html