Critical SOCKS5 Vulnerability in cURL Puts Enterprise Systems at Risk
11-Oct-23
On Wednesday, the cURL data transfer project’s maintainers released patches for a severe memory corruption vulnerability that exposes millions of enterprise operating systems, apps, and devices to malicious hacker attacks. The weakness, according to a high-risk alert, is a direct danger to the SOCKS5 proxy handshake process in cURL and can be remotely exploited in some non-standard configurations.
The CVE-2023-38545 problem exists in the libcurl library, which handles data flow between devices and servers. “When curl is asked to pass along the hostname to the SOCKS5 proxy so that it can resolve the address instead of curl itself, the maximum length of that hostname is 255 bytes.”
