Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 527
Alerts This Week
Warning Icon 1 527

Gentoo: GLSA 200512-09 Low: cURL Vulnerability with Buffer Overflow Threat

gentoo
Calendar Grey December 16, 2005
Scroller Gentoo
The Gentoo Linux Advisory GLSA 202311-01 discusses a security flaw related to OpenSSL's handling of memory allocation, which has been classified with a medium severity ranking.
cURL is vulnerable to local arbitrary code execution via buffer overflow due to the insecure parsing of URLs.

Summary

Gentoo Linux Security Advisory GLSA 200512-09 https://security.gentoo.org/ Severity: Low Title: cURL: Off-by-one errors in URL handling Date: December 16, 2005 Bugs: #114710 ID: 200512-09

Synopsis ======= cURL is vulnerable to local arbitrary code execution via buffer overflow due to the insecure parsing of URLs.
Background ========= cURL is a command line tool for transferring files with URL syntax, supporting numerous protocols.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/curl < 7.15.1 >= 7.15.1
========== Stefan Esser from the Hardened-PHP Project has reported a vulnerability in cURL that allows for a local buffer overflow when cU...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Severity
low
Lowest
Low
Medium
High
Critical

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround