cURL goes wrong
From http://h-online.com/-1800880
Quote:
The open source file transfer library libcURL contains a critical vulnerability that can make attempts to retrieve a web page actually retrieve and execute arbitrary code. The interesting thing about the gap is that the hole is in the code that plugs in to communicate with mail servers; the trick is that it can be exploited when calling a normal HTTP URL.
|
__________________
You don't need to be a genius to debug a pf.conf firewall ruleset, you just need the guts to run tcpdump
|