10 lines
No EOL
463 B
Text
10 lines
No EOL
463 B
Text
source: http://www.securityfocus.com/bid/33962/info
|
|
|
|
cURL/libcURL is prone to a security-bypass vulnerability.
|
|
|
|
Remote attackers can exploit this issue to bypass certain security restrictions and carry out various attacks.
|
|
|
|
This issue affects cURL/libcURL 5.11 through 7.19.3. Other versions may also be vulnerable.
|
|
|
|
The following example redirection request may be used to carry out this attack:
|
|
Location: scp://name:passwd@host/a'``;date >/tmp/test``;' |