|
Family: Gentoo Local Security Checks --> Category: infos
[GLSA-200504-09] Axel: Vulnerability in HTTP redirection handling Vulnerability Scan
Vulnerability Scan Summary Axel: Vulnerability in HTTP redirection handling
Detailed Explanation for this Vulnerability Test
The remote host is affected by the vulnerability described in GLSA-200504-09
(Axel: Vulnerability in HTTP redirection handling)
A possible buffer overflow has been reported in the HTTP
redirection handling code in conn.c.
Impact
A remote attacker could exploit this vulnerability by setting up a
malicious site and enticing a user to connect to it. This could
possibly lead to the execution of arbitrary code with the permissions
of the user running Axel.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-0390
Solution:
All Axel users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/axel-1.0b"
Threat Level: Medium
Click HERE for more information and discussions on this network vulnerability scan.
|