Thread: Security cURL goes wrong
View Single Post
  #1   (View Single Post)  
Old 8th February 2013
J65nko J65nko is offline
Administrator
 
Join Date: May 2008
Location: Budel - the Netherlands
Posts: 4,125
Default cURL goes wrong

From http://h-online.com/-1800880

Quote:
The open source file transfer library libcURL contains a critical vulnerability that can make attempts to retrieve a web page actually retrieve and execute arbitrary code. The interesting thing about the gap is that the hole is in the code that plugs in to communicate with mail servers; the trick is that it can be exploited when calling a normal HTTP URL.
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
Reply With Quote