Forum Thread: cURL 7.x

You are currently viewing a forum thread in the Secunia Community Forum. Please note that opinions expressed here are not of Secunia but solely reflect those of the user who wrote it.

This thread was submitted in the following forum:
PSI

This thread has been marked as locked.
genegold99 cURL 7.x
Member 6th Apr, 2011 18:53
Ranking: 5
Posts: 141
User Since: 25th Nov, 2008
System Score: N/A
Location: US
Last edited on 6th Apr, 2011 18:57

A couple of days ago cURL 7.x, specifically curl.exe, turned Insecure. I had 7.19.4.0 in two applications (FVD Suite and Sylpheed) and it showed 7.21.4.0 as the new version. I downloaded and copied over curl.exe to each app, re-scanned and they both showed in PSI as Patched. After that, Sylpheed, an email client, opened but several seconds later it showed an error message about libssl32.dll not found. After copying that file in and getting another error message, I decided to go back to 7.19.4.0 in Sylpheed. Then I re-scanned. While the results still show cURL 7.x as Patched, a closer look shows both versions, new and old, but no indication of the latter as Insecure. How is that?

In addition, a PSI search for Curl shows an Advisory for versions 7.10.5 through 7.19.7 in Feb 2010 and one for 7.20.0 through 7.21.1 in October 2010. So why did it show as Insecure for the first time this week?

http://secunia.com/advisories/38427/
http://secunia.com/advisories/39532/

bill77 RE: cURL 7.x
Member 6th Apr, 2011 21:57
Score: 0
Posts: 4
User Since: 6th Apr 2011
System Score: N/A
Location: US
I have a similar problem but have no idea what programs on my computer contain
cURL 7.x. A Google search didn't show which programs might contain it. PSI
cannot download a fix for it and leaves no trail as to the author.

I am running W7 SP1, IE 9RTM, and Secunia PSI doesn't seem to work well with
IE 9 in that it seems not to recognize it as a supported browser. How did you locate which of your programs (FVD Suite and Sylpheed) contained this troublesome sub program level threat to internet security?

I cannot uninstall it using Control Panel because it doesn't show up under
Programs and Features so that it can be uninstalled. If I could install it, I have
no idea what impact it would have on my computer. The curl website only shows
uninstalling by getting rid of curl runtime environment. I don't have that program either unless they purchased Runtime Environment from Apple.
Was this reply relevant?
+0
-0
genegold99 RE: cURL 7.x
Member 6th Apr, 2011 22:22
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Think of curl.exe is an executable file not an application, which you seem to looking for. Do a Windows Explorer search on your main drive for that file, which will show you in which apps it's located. You might try updating those apps directly first and see what happens. Then, if necessary, go to http://curl.haxx.se/ for a download. There will be much more included, but all you need to copy over is curl.exe. Then rescan.
Was this reply relevant?
+0
-0
bill77 RE: cURL 7.x
Member 7th Apr, 2011 00:31
Score: 0
Posts: 4
User Since: 6th Apr 2011
System Score: N/A
Location: US
Thanks very much. I will give it a try and expect the best result. You are certainly correct that I simply thought it had come along as part of some app.
that I had downloaded. Now I can see that in this case x is not the unknown quantity but an executable file.
Was this reply relevant?
+0
-0
genegold99 RE: cURL 7.x
Member 7th Apr, 2011 00:36
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Sure. Keep a copy of the old file around, just in case. And let us know what happens.
Was this reply relevant?
+0
-0
bill77 RE: cURL 7.x
Member 7th Apr, 2011 01:46
Score: 0
Posts: 4
User Since: 6th Apr 2011
System Score: N/A
Location: US
I found, on Secunia PSI, that it linked to Foxit Reader. I downloaded the latest version of Foxit Reader but so far, Secunia still shows cURL as being a security risk. I will scan again later tonight in case it takes awhile for Secunia to acknowledge the update. I have had that experience with Secunia in the past.
Was this reply relevant?
+0
-0
bill77 RE: cURL 7.x
Member 7th Apr, 2011 06:05
Score: 0
Posts: 4
User Since: 6th Apr 2011
System Score: N/A
Location: US
I finally had to resort to uninstalling Foxit Reader to get rid of the offending plugin.
I suppose I am now stuck with Adobe.
Was this reply relevant?
+0
-0
Maurice Joyce RE: cURL 7.x
Handling Contributor 7th Apr, 2011 18:21
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
Bill77,
This thread may help, which I wrote some time, ago about PDF Readers.

http://secunia.com/community/forum/thread/show/417...

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+2
-0
genegold99 RE: cURL 7.x
Member 7th Apr, 2011 18:29
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
While I have CS3, hence Acrobat, on my computer for certain projects, for a reader I've played with Nitro and PDF X-change Viewer around. I've found the latter, which is now my default, is not only more than satisfactory, but also has form fill in capacities.

The one thing I'm missing in this thread is a response from Secunia to the Curl issue.
Was this reply relevant?
+0
-0
Maurice Joyce RE: cURL 7.x
Handling Contributor 12th Apr, 2011 16:02
Score: 12325
Posts: 9,575
User Since: 4th Jan 2009
System Score: N/A
Location: UK
@genegold99

Your thread is nearing auto closing. I have brought it back to the top of the list (for now) & asked Secunia Support to comment on it for you.

--
Maurice

Microsoft Surface 4 Intel i7 64Bit
Windows 10 Pro version 1809 Build 17763.404
16 GB RAM
IE & Edge Only
Was this reply relevant?
+1
-0
genegold99 RE: cURL 7.x
Member 12th Apr, 2011 16:32
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Thanks. Neither of the apps that show it Insecure - FVD Suite and Sylpheed email client worked with the latest version, so I'll have to wait until they update. It seems to be a file that developers don't pay much attention to or feel the need to keep current, since both are over a year behind in versions.
Was this reply relevant?
+0
-0
tomyrush RE: cURL 7.x
Member 12th Apr, 2011 19:06
Score: 0
Posts: 16
User Since: 26th Sep 2008
System Score: N/A
Location: US
There are several options other than Adobe. I use the free versions of
Nuance PDF Reader
PDFFill Editor
and
PDFFil Writer

I too, had to completely uninstall the other PDF package in order to get rid of the cURL7 problem

Tom
Was this reply relevant?
+0
-0
This user no longer exists RE: cURL 7.x
Member 13th Apr, 2011 09:13
Hi,

I apologize for the lateness of my reply.

Since cURL 7.x came bundled as part of Sylpheed, the detection for this program has been removed. If you run a full rescan, it will no longer be detected.

While updating the library migates a vulnerability in cURL, there is no demonstrated attack vector via. Sylpheed for this.

Hope this helps.
Was this reply relevant?
+0
-0
genegold99 RE: cURL 7.x
Member 13th Apr, 2011 10:05
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Thanks, but what about FVD Suite? It's bundled as part of that program too.
Was this reply relevant?
+0
-0
This user no longer exists RE: cURL 7.x
Member 13th Apr, 2011 10:20
Hi,

Could I ask you for the debug log for the relevant detection?
http://secunia.com/vulnerability_scanning/personal...

Post it here and I can correct it right away. :)
Was this reply relevant?
+0
-0
genegold99 RE: cURL 7.x
Member 13th Apr, 2011 10:27
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
---START---

Program Name:
cURL 7.x

Security State:
Insecure

Download Link:
http://curl.haxx.se/download.html

Instances Found:
C:\Program Files\FVD Suite\curl.exe, version: 7.19.7.0

Last System Scan (localtime):
13. Apr 2011, 02:01

Operating System:
Microsoft Windows XP Home Edition, Service Pack 3

---END---
Was this reply relevant?
+0
-0
This user no longer exists RE: cURL 7.x
Member 13th Apr, 2011 10:30
Last edited on 13th Apr, 2011 10:31 Hi,

Try again, it should no longer be detected. :)
Was this reply relevant?
+0
-0
genegold99 RE: cURL 7.x
Member 13th Apr, 2011 10:39
Score: 5
Posts: 141
User Since: 25th Nov 2008
System Score: N/A
Location: US
Thanks! curl doesn't even show anymore.
Was this reply relevant?
+0
-0
This user no longer exists RE: cURL 7.x
Member 13th Apr, 2011 11:05
Last edited on 13th Apr, 2011 11:05 Hi,

Good, that's what we were hoping to accomplish.

Let me know if there are any further such detections and we'll correct it.

I'm closing this thread now, open a new one if a similar issue occurs.
Was this reply relevant?
+0
-0

This thread has been marked as locked.