Last month mbedTLS issued security advisory CVE-2017-14032, Bypass of authentication of peer [1], which affects versions prior to "mbed TLS 1.3.21, mbed TLS 2.1.9 or mbed TLS 2.6.0" (but not PolarSSL). libcurl uses mbedTLS in the way described in the advisory, and is thus affected.
This is a serious vulnerability and trivial to exploit. An example can be seen at [2]. This is not a vulnerability in libcurl, it is in mbedTLS. The certificate verification done by the client (libcurl) can be bypassed by exploiting this vulnerability. This would most practically happen during a Man-in-the-middle attack (MITM) [3].

To determine if the curl tool is using a vulnerable version of mbedTLS run curl -V, and for libcurl you can call curl_version(). Either will give you a version string like this:

    curl 7.50.0-DEV (i686-w64-mingw32) libcurl/7.50.0-DEV mbedTLS/2.2.1 zlib/1.2.8 libidn/1.32 libssh2/1.7.0 nghttp2/1.11.0

In this example mbedTLS/2.2.1 is before 2.6.0 and therefore is vulnerable. That may seem confusing since 2.2.1 comes after the fixed 2.1.9. That is because mbed TLS has separate 1.3.x and 2.1.x series. What that means is 2.2.x - 2.5.x is vulnerable.

We rarely post about the impacts on curl due to flaws in the TLS libraries, however this one in particular does not seem to have gotten enough attention. Maybe it was not well understood? We suggest upgrading to the latest version of mbedTLS as soon as you can.

[1]: https://tls.mbed.org/tech-updates/security-advisories/mbedtls-security-advisory-2017-02
[2]: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=873557#17
[3]: https://en.wikipedia.org/wiki/Man-in-the-middle_attack
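
An added example, not part of the original message or of curl: a shell function that applies the version rule above (fixed in 1.3.21, 2.1.9 and 2.6.0) to a curl version string. The name check_mbedtls and its result words are this example's own, and every sample string except the one quoted in the message is constructed.

```shell
#!/bin/sh
# Added example: classify the mbedTLS version in a curl version string
# (output of `curl -V` or curl_version()) using the fixed releases named
# in the message: 1.3.21, 2.1.9 and 2.6.0.
# check_mbedtls is a hypothetical helper name; it prints one of:
#   vulnerable | fixed | not-mbedtls | unknown
check_mbedtls() {
    case $1 in
        *mbedTLS/*) ver=${1#*mbedTLS/} ;;
        *) echo not-mbedtls; return 0 ;;   # other backend, incl. PolarSSL
    esac
    ver=${ver%%[!0-9.]*}                   # cut at first non-version char
    old_ifs=$IFS; IFS=.
    set -- $ver                            # split major.minor.patch
    IFS=$old_ifs
    major=${1:-} minor=${2:-0} patch=${3:-0}
    if [ -z "$major" ]; then echo unknown; return 0; fi

    if [ "$major" -ge 3 ]; then
        echo fixed                         # later than 2.6.0
    elif [ "$major" -le 1 ]; then
        # 1.3.x series: fixed from 1.3.21 on; anything else below 2.x is older
        if [ "$major" -eq 1 ] && [ "$minor" -eq 3 ] && [ "$patch" -ge 21 ]; then
            echo fixed
        else
            echo vulnerable
        fi
    elif [ "$minor" -ge 6 ]; then
        echo fixed                         # 2.6.0 and later
    elif [ "$minor" -eq 1 ] && [ "$patch" -ge 9 ]; then
        echo fixed                         # 2.1.x series: fixed from 2.1.9 on
    else
        echo vulnerable                    # 2.0.x, 2.1.0-2.1.8, 2.2.x-2.5.x
    fi
}

# First string is the one quoted in the message; the other two are constructed.
for s in \
    "curl 7.50.0-DEV (i686-w64-mingw32) libcurl/7.50.0-DEV mbedTLS/2.2.1 zlib/1.2.8 libidn/1.32 libssh2/1.7.0 nghttp2/1.11.0" \
    "curl 7.56.0 (x86_64-pc-linux-gnu) libcurl/7.56.0 mbedTLS/2.1.9 zlib/1.2.8" \
    "curl 7.56.0 (x86_64-pc-linux-gnu) libcurl/7.56.0 OpenSSL/1.0.2l zlib/1.2.8"
do
    printf '%s\n  -> %s\n' "$s" "$(check_mbedtls "$s")"
done
```

To check an installed tool, pass it the real output: check_mbedtls "$(curl -V | head -n 1)".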
