Vulnerability Scanning Solutions, LLC.
Our Process
What We Scan For
Sample Report
Client List
Contact Us
What We Scan For
Family: Red Hat Local Security Checks --> Category: infos

RHSA-2005-875: curl Vulnerability Scan

Vulnerability Scan Summary
Check for the version of the curl packages

Detailed Explanation for this Vulnerability Test

Updated curl packages that fix a security issue are now available for Red
Hat Enterprise Linux 4.

This update has been rated as having moderate security impact by the Red
Hat Security Response Team.

cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict
servers, using any of the supported protocols.

Stefan Esser discovered an off-by-one bug in curl. It may be possible to
execute arbitrary code on a user's machine if the user can be tricked into
executing curl with a carefully crafted URL. The Common Vulnerabilities and
Exposures project assigned the name CVE-2005-4077 to this issue.

All users of curl are advised to upgrade to these updated packages, which
contain a backported patch that resolves this issue.

Solution :
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.


P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.