ID OPENVAS:136141256231063552 Type openvas Reporter Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com Modified 2018-04-06T00:00:00
Description
The remote host is missing updates announced in
advisory GLSA 200903-21.
#
# OpenVAS Vulnerability Test
# $
# Description: Auto generated from Gentoo's XML based advisory
#
# Authors:
# Thomas Reinke <reinke@securityspace.com>
#
# Copyright:
# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com
# Text descriptions are largely excerpted from the referenced
# advisories, and are Copyright (c) the respective author(s)
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# or at your option, GNU General Public License version 3,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
#
include("revisions-lib.inc");
tag_insight = "A vulnerability in cURL may allow for arbitrary file access.";
tag_solution = "All cURL users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/curl-7.19.4'
http://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-21
http://bugs.gentoo.org/show_bug.cgi?id=260361";
tag_summary = "The remote host is missing updates announced in
advisory GLSA 200903-21.";
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.63552");
script_version("$Revision: 9350 $");
script_tag(name:"last_modification", value:"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $");
script_tag(name:"creation_date", value:"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)");
script_cve_id("CVE-2009-0037");
script_tag(name:"cvss_base", value:"6.8");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:P/I:P/A:P");
script_name("Gentoo Security Advisory GLSA 200903-21 (curl)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com");
script_family("Gentoo Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/gentoo", "ssh/login/pkg");
script_tag(name : "insight" , value : tag_insight);
script_tag(name : "solution" , value : tag_solution);
script_tag(name : "summary" , value : tag_summary);
script_tag(name:"qod_type", value:"package");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
#
# The script code starts here
#
include("pkg-lib-gentoo.inc");
res = "";
report = "";
if ((res = ispkgvuln(pkg:"net-misc/curl", unaffected: make_list("ge 7.19.4"), vulnerable: make_list("lt 7.19.4"))) != NULL) {
report += res;
}
if (report != "") {
security_message(data:report);
} else if (__pkg_match) {
exit(99); # Not vulnerable.
}
{"id": "OPENVAS:136141256231063552", "type": "openvas", "bulletinFamily": "scanner", "title": "Gentoo Security Advisory GLSA 200903-21 (curl)", "description": "The remote host is missing updates announced in\nadvisory GLSA 200903-21.", "published": "2009-03-13T00:00:00", "modified": "2018-04-06T00:00:00", "cvss": {"vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/", "score": 6.8}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063552", "reporter": "Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com", "references": [], "cvelist": ["CVE-2009-0037"], "lastseen": "2018-04-06T11:38:54", "viewCount": 2, "enchantments": {"score": {"value": 7.4, "vector": "NONE", "modified": "2018-04-06T11:38:54", "rev": 2}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2009-0037"]}, {"type": "ubuntu", "idList": ["USN-726-1"]}, {"type": "debian", "idList": ["DEBIAN:DSA-1738-1:4D378"]}, {"type": "slackware", "idList": ["SSA-2009-069-01"]}, {"type": "exploitdb", "idList": ["EDB-ID:32834"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:DOC:21422", "SECURITYVULNS:VULN:9710"]}, {"type": "centos", "idList": ["CESA-2009:0341-01", "CESA-2009:0341"]}, {"type": "oraclelinux", "idList": ["ELSA-2009-0341"]}, {"type": "redhat", "idList": ["RHSA-2009:0341"]}, {"type": "gentoo", "idList": ["GLSA-200903-21"]}, {"type": "freebsd", "idList": ["5D433534-F41C-402E-ADE5-E0A2259A7CB6"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231065861", "OPENVAS:136141256231063708", "OPENVAS:136141256231063519", "OPENVAS:136141256231065633", "OPENVAS:65861", "OPENVAS:1361412562310122508", "OPENVAS:63708", "OPENVAS:1361412562310880833", "OPENVAS:136141256231063706", "OPENVAS:136141256231063577"]}, {"type": "nessus", "idList": ["FEDORA_2009-2265.NASL", "GENTOO_GLSA-200903-21.NASL", "REDHAT-RHSA-2009-0341.NASL", "FREEBSD_PKG_5D433534F41C402EADE5E0A2259A7CB6.NASL", "UBUNTU_USN-726-2.NASL", "DEBIAN_DSA-1738.NASL", "SLACKWARE_SSA_2009-069-01.NASL", "CENTOS_RHSA-2009-0341.NASL", "SUSE_11_CURL-090317.NASL", "SUSE_CURL-6015.NASL"]}, {"type": "fedora", "idList": ["FEDORA:ABA7B208545", "FEDORA:BCA8820820B"]}, {"type": "seebug", "idList": ["SSV:4867"]}, {"type": "vmware", "idList": ["VMSA-2009-0009"]}, {"type": "threatpost", "idList": ["THREATPOST:4F867C686B7E31697E158FBD04A5DD35"]}], "modified": "2018-04-06T11:38:54", "rev": 2}, "vulnersScore": 7.4}, "pluginID": "136141256231063552", "sourceData": "#\n# OpenVAS Vulnerability Test\n# $\n# Description: Auto generated from Gentoo's XML based advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"A vulnerability in cURL may allow for arbitrary file access.\";\ntag_solution = \"All cURL users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose '>=net-misc/curl-7.19.4'\n\nhttp://www.securityspace.com/smysecure/catid.html?in=GLSA%20200903-21\nhttp://bugs.gentoo.org/show_bug.cgi?id=260361\";\ntag_summary = \"The remote host is missing updates announced in\nadvisory GLSA 200903-21.\";\n\n \n \n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63552\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-13 19:24:56 +0100 (Fri, 13 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Gentoo Security Advisory GLSA 200903-21 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Gentoo Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/gentoo\", \"ssh/login/pkg\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-gentoo.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = ispkgvuln(pkg:\"net-misc/curl\", unaffected: make_list(\"ge 7.19.4\"), vulnerable: make_list(\"lt 7.19.4\"))) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "naslFamily": "Gentoo Local Security Checks"}
{"cve": [{"lastseen": "2021-02-02T05:39:58", "description": "The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.", "edition": 4, "cvss3": {}, "published": "2009-03-05T02:30:00", "title": "CVE-2009-0037", "type": "cve", "cwe": ["CWE-352"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": true, "obtainOtherPrivilege": true, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "PARTIAL", "availabilityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "baseScore": 6.8, "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 6.4, "obtainUserPrivilege": false}, "cvelist": ["CVE-2009-0037"], "modified": "2018-10-11T20:59:00", "cpe": ["cpe:/a:curl:curl:7.12.1", "cpe:/a:curl:curl:6.5.2", "cpe:/a:curl:curl:7.16.4", "cpe:/a:curl:curl:7.1.1", "cpe:/a:curl:curl:7.10.2", "cpe:/a:curl:libcurl:7.15", "cpe:/a:curl:curl:7.7.2", "cpe:/a:curl:curl:7.7", "cpe:/a:curl:curl:7.15.1", "cpe:/a:curl:curl:7.16.3", "cpe:/a:curl:curl:6.5", "cpe:/a:curl:libcurl:7.13", "cpe:/a:curl:curl:7.10.7", "cpe:/a:curl:curl:7.8.1", "cpe:/a:curl:curl:7.9.2", "cpe:/a:curl:libcurl:7.14", "cpe:/a:curl:curl:7.10.4", "cpe:/a:curl:curl:7.17", "cpe:/a:curl:curl:7.12", "cpe:/a:curl:curl:7.9.8", "cpe:/a:curl:libcurl:7.12", "cpe:/a:curl:curl:7.9.4", "cpe:/a:curl:curl:6.4", "cpe:/a:curl:libcurl:7.15.1", "cpe:/a:curl:curl:7.2", "cpe:/a:curl:curl:7.9", "cpe:/a:curl:curl:6.1beta", "cpe:/a:curl:curl:7.7.3", "cpe:/a:curl:curl:6.3.1", "cpe:/a:curl:curl:7.10", "cpe:/a:curl:curl:7.9.5", "cpe:/a:curl:libcurl:7.15.2", "cpe:/a:curl:curl:7.5", "cpe:/a:curl:curl:7.15.3", "cpe:/a:curl:curl:7.13.2", "cpe:/a:curl:libcurl:7.12.1", "cpe:/a:curl:curl:7.4.2", "cpe:/a:curl:curl:7.7.1", "cpe:/a:curl:libcurl:7.19.3", "cpe:/a:curl:libcurl:7.12.3", "cpe:/a:curl:curl:7.10.3", "cpe:/a:curl:curl:7.18", "cpe:/a:curl:curl:7.11.1", "cpe:/a:curl:libcurl:7.13.1", "cpe:/a:curl:curl:7.9.6", "cpe:/a:curl:curl:7.9.7", "cpe:/a:curl:libcurl:5.11", "cpe:/a:curl:curl:7.4.1", "cpe:/a:curl:curl:6.5.1", "cpe:/a:curl:curl:6.2", "cpe:/a:curl:curl:7.8", "cpe:/a:curl:curl:7.15", "cpe:/a:curl:curl:7.13", "cpe:/a:curl:curl:7.5.2", "cpe:/a:curl:curl:7.6.1", "cpe:/a:curl:curl:7.14", "cpe:/a:curl:curl:6.3", "cpe:/a:curl:curl:7.8.2", "cpe:/a:curl:curl:7.10.5", "cpe:/a:curl:curl:7.6", "cpe:/a:curl:curl:7.10.6", "cpe:/a:curl:curl:7.2.1", "cpe:/a:curl:curl:7.5.1", "cpe:/a:curl:curl:5.11", "cpe:/a:curl:libcurl:7.13.2", "cpe:/a:curl:curl:7.1", "cpe:/a:curl:curl:7.10.1", "cpe:/a:curl:libcurl:7.15.3", "cpe:/a:curl:libcurl:7.16.3", "cpe:/a:curl:curl:7.9.3", "cpe:/a:curl:libcurl:7.12.2", "cpe:/a:curl:curl:7.3", "cpe:/a:curl:libcurl:7.14.1", "cpe:/a:curl:curl:6.0", "cpe:/a:curl:curl:7.19.3", "cpe:/a:curl:curl:7.14.1", "cpe:/a:curl:curl:7.4", "cpe:/a:curl:curl:7.12.2", "cpe:/a:curl:curl:7.10.8", "cpe:/a:curl:curl:7.9.1"], "id": "CVE-2009-0037", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-0037", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}, "cpe23": ["cpe:2.3:a:curl:curl:6.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:5.11:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.17:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.16.4:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.15:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.15:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.7.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.12:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.7.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.8:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.5:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.13.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.3.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.1.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.12.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.4:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.6:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.15.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.6.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.14.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.12.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.15.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.11.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.5:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.4.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.8.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.8:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.8.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.4.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.1beta:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.8:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.18:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.0:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.7:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.13.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.12:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.16.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.4:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.5.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.6:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.13:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:5.11:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.7:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.14:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.6:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.5.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.4:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.12.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.15.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.13.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.14:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.5:*:*:*:*:*:*:*", "cpe:2.3:a:curl:libcurl:7.13:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.19.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.2:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.2.1:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.7:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.9.4:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.7.3:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:6.5:*:*:*:*:*:*:*", "cpe:2.3:a:curl:curl:7.10.2:*:*:*:*:*:*:*"]}], "ubuntu": [{"lastseen": "2020-07-09T00:35:20", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "It was discovered that curl did not enforce any restrictions when following \nURL redirects. If a user or automated system were tricked into opening a URL to \nan untrusted server, an attacker could use redirects to gain access to abitrary \nfiles. This update changes curl behavior to prevent following \"file\" URLs after \na redirect.", "edition": 5, "modified": "2009-03-03T00:00:00", "published": "2009-03-03T00:00:00", "id": "USN-726-1", "href": "https://ubuntu.com/security/notices/USN-726-1", "title": "curl vulnerability", "type": "ubuntu", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-11-11T13:28:04", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA-1738-1 security@debian.org\nhttp://www.debian.org/security/ Nico Golde\nMarch 11th, 2009 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : curl\nVulnerability : arbitrary file access\nProblem type : remote\nDebian-specific: no\nCVE ID : CVE-2009-0037\nDebian Bug : 518423\nBugTraq ID : 33962\n\nDavid Kierznowski discovered that libcurl, a multi-protocol file transfer\nlibrary, when configured to follow URL redirects automatically, does not\nquestion the new target location. As libcurl also supports file:// and\nscp:// URLs - depending on the setup - an untrusted server could use that\nto expose local files, overwrite local files or even execute arbitrary\ncode via a malicious URL redirect.\n\nThis update introduces a new option called CURLOPT_REDIR_PROTOCOLS which by\ndefault does not include the scp and file protocol handlers.\n\n\nFor the oldstable distribution (etch) this problem has been fixed in\nversion 7.15.5-1etch2.\n\nFor the stable distribution (lenny) this problem has been fixed in\nversion 7.18.2-8lenny2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 7.18.2-8.1.\n\nWe recommend that you upgrade your curl packages.\n\n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2.dsc\n Size/MD5 checksum: 956 0a164bd43dbfb582a049fe3a737a375b\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5.orig.tar.gz\n Size/MD5 checksum: 1897973 61997c0d852d38c3a85b445f4fc02892\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2.diff.gz\n Size/MD5 checksum: 21635 47c30162c60f8192bce199f5fab0012d\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dev_7.15.5-1etch2_all.deb\n Size/MD5 checksum: 22244 752d541336f513b3bfd0841e0868b472\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_alpha.deb\n Size/MD5 checksum: 166256 709d02b9dae8f4b0c7333d6f03c31628\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_alpha.deb\n Size/MD5 checksum: 816206 a36046c7827322a14d257bd3fb74010b\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_alpha.deb\n Size/MD5 checksum: 818778 967acf1522d86fdf56e84e1c5b22f147\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_alpha.deb\n Size/MD5 checksum: 809316 af0f20647d1a91d799dcbed6980428b7\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_alpha.deb\n Size/MD5 checksum: 181392 78c3b97fba2c35b5c5d1bf1eb5f1d908\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_alpha.deb\n Size/MD5 checksum: 174310 433c7e16f748f83db01989e8a249a101\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_amd64.deb\n Size/MD5 checksum: 164766 6f3f68c322aa54a5000975530ded729e\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_amd64.deb\n Size/MD5 checksum: 170058 f6fd6e8f7a3e030ca028a6750f666061\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_amd64.deb\n Size/MD5 checksum: 772142 5d3cdfcfdaf0604aeebfc395703d6df7\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_amd64.deb\n Size/MD5 checksum: 778626 490801518500a00caec9e45fb755c524\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_amd64.deb\n Size/MD5 checksum: 824964 a57398dfcbd49c33060a48671bed8a02\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_amd64.deb\n Size/MD5 checksum: 163446 7eaaea76d628e03e8ebdc580bff0b72b\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_arm.deb\n Size/MD5 checksum: 756884 8eed02667e02867ad3d130a40ad4f330\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_arm.deb\n Size/MD5 checksum: 762352 b5720175a10c9f7333a2e8a298aac91d\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_arm.deb\n Size/MD5 checksum: 783552 72af9664d85d8aa4ca0960da19554333\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_arm.deb\n Size/MD5 checksum: 160536 c9fb486fd46228488f391d57a9d6edc8\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_arm.deb\n Size/MD5 checksum: 165914 b1188bf4e4da054e04b77c4e8f27ca73\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_arm.deb\n Size/MD5 checksum: 162598 a60ef14833ef5f5bad0bffbda329e326\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_hppa.deb\n Size/MD5 checksum: 164866 73bdea9c0a854221204e7d232a464ad7\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_hppa.deb\n Size/MD5 checksum: 184262 c681c1b066c2210aa0d84f1763a14bdb\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_hppa.deb\n Size/MD5 checksum: 798798 29f2ee940a221a567c8f9568202f6f85\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_hppa.deb\n Size/MD5 checksum: 178932 76c87584e67d0e9957110bb805a15946\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_hppa.deb\n Size/MD5 checksum: 791220 9d0a1827c563e72951420d6e869a348f\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_hppa.deb\n Size/MD5 checksum: 815004 47b6884a2e5ce2224d64fdc9c5852325\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_i386.deb\n Size/MD5 checksum: 163604 16def6f8c4d5068be2bba466f89dc329\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_i386.deb\n Size/MD5 checksum: 759150 613d3cfa2de22d73706c4158f45a9380\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_i386.deb\n Size/MD5 checksum: 766468 c32cd1d31c6078d4676b8046ddc56f07\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_i386.deb\n Size/MD5 checksum: 168800 1fc225d65db9eb6508481bf2e5985d5d\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_i386.deb\n Size/MD5 checksum: 163240 362b7152f99699f68c93ab89e821d8d0\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_i386.deb\n Size/MD5 checksum: 800506 984abe71ca0999c8a587ed1b0042299a\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_ia64.deb\n Size/MD5 checksum: 811254 1992183aa065d3782a2992ea98c22a5a\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_ia64.deb\n Size/MD5 checksum: 838550 350899a4e4f86a672aeb2c3a2d011e94\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_ia64.deb\n Size/MD5 checksum: 174484 ac0a064f867f61c30ebd1cd7da6ea845\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_ia64.deb\n Size/MD5 checksum: 217504 032debd42a9a3cc08f65ee17097fe9d7\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_ia64.deb\n Size/MD5 checksum: 225458 a6beeb5551ffe3d09341160b368bf4f6\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_ia64.deb\n Size/MD5 checksum: 848606 b339d6517e49af9a30b5bed9a42c9222\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_mips.deb\n Size/MD5 checksum: 784292 439b960fc26cd382f86bbfb20478d7b0\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_mips.deb\n Size/MD5 checksum: 831916 dcfa7a779ae3cdac67cecf847dac0162\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_mips.deb\n Size/MD5 checksum: 792482 357d60661e80f1ee887d2345a119b547\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_mips.deb\n Size/MD5 checksum: 164020 c91e5b7e745e2179301d2e75be7d8ee2\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_mips.deb\n Size/MD5 checksum: 165474 eff09f808ce9a23ce659aeeffea398f1\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_mips.deb\n Size/MD5 checksum: 170646 650b55f89ad5530208e49e211f5aebeb\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_mipsel.deb\n Size/MD5 checksum: 164056 b2cbeec53d1eef3e9d0e29adf797548b\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_mipsel.deb\n Size/MD5 checksum: 792108 4fe7f7e85d02706503d1064895607831\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_mipsel.deb\n Size/MD5 checksum: 165674 500cb0c319ee13c14f8d010b3c4457cc\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_mipsel.deb\n Size/MD5 checksum: 811082 c61871a4ac26252046b4e161aeef2dd7\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_mipsel.deb\n Size/MD5 checksum: 784546 b8ba2732071c34bbfe5c10927317f589\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_mipsel.deb\n Size/MD5 checksum: 170522 0919591347253f65b44ddea61f49cbc7\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_powerpc.deb\n Size/MD5 checksum: 774490 f804de8b26ea6914f0283f79f71d72b2\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_powerpc.deb\n Size/MD5 checksum: 781844 b53e33260b02761cd26c8780b8e81f2b\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_powerpc.deb\n Size/MD5 checksum: 173906 edf0a2342f93af56ffb18a45a934ace3\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_powerpc.deb\n Size/MD5 checksum: 841666 5df4b820f0f196560bd5796d0ad1bad7\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_powerpc.deb\n Size/MD5 checksum: 165134 c62f63233f70e51a732c36492fd04ae9\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_powerpc.deb\n Size/MD5 checksum: 169130 44d2765d66141ceb6c6626750a098aaa\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_s390.deb\n Size/MD5 checksum: 836322 26db7bd743a5c2141c6aee251a9cede0\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_s390.deb\n Size/MD5 checksum: 179832 487db999849a4ac171d86d87d12d3f7f\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_s390.deb\n Size/MD5 checksum: 163182 7be52b66b1f79a0d0f76d0183da4104a\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_s390.deb\n Size/MD5 checksum: 768888 87b9a0f806f25692cd2f9a30bd0be9eb\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_s390.deb\n Size/MD5 checksum: 172444 3d9a0b971714e2f9f6c7d15ce387bc93\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_s390.deb\n Size/MD5 checksum: 774446 9c7cf8ac1154f4b8b71615ad8d48ed99\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.15.5-1etch2_sparc.deb\n Size/MD5 checksum: 160204 433e751e98d9010f793cfacf4c809996\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.15.5-1etch2_sparc.deb\n Size/MD5 checksum: 788794 2c4e9c34ccf365fa02bc1f1657e68f35\n http://security.debian.org/pool/updates/main/c/curl/curl_7.15.5-1etch2_sparc.deb\n Size/MD5 checksum: 162412 1bab2e9e64b655babb5f1ef1b7271090\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-openssl-dev_7.15.5-1etch2_sparc.deb\n Size/MD5 checksum: 766110 cc724da5e7cc8b38376d1644d98a144e\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.15.5-1etch2_sparc.deb\n Size/MD5 checksum: 165224 671413f03a06041a824630be23ded9e9\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls-dev_7.15.5-1etch2_sparc.deb\n Size/MD5 checksum: 759596 2070bf93dadb3b3fe1aa387fb0f8e6c7\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.\n\nSource archives:\n\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2.diff.gz\n Size/MD5 checksum: 27675 3cc8e00a5145e9f8f35823f89170ed4e\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2.dsc\n Size/MD5 checksum: 1418 02c706202a50b3358769c4c1e9f1a120\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2.orig.tar.gz\n Size/MD5 checksum: 2273077 4fe99398a64a34613c9db7bd61bf6e3c\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_alpha.deb\n Size/MD5 checksum: 211250 dcccf85073a2826d5af6e6d438f6c9f6\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_alpha.deb\n Size/MD5 checksum: 224420 33ead51af60c4e6ea8f08b16ebde1e06\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_alpha.deb\n Size/MD5 checksum: 985930 c90004e19361846cbded2fb615eb60ec\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_alpha.deb\n Size/MD5 checksum: 1150080 c3436b5c4979764699a7236674df93cf\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_alpha.deb\n Size/MD5 checksum: 241558 7d28ddb21b9a23f2e4b6302dea9ffc36\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_alpha.deb\n Size/MD5 checksum: 957810 49c87cfe63e61d4c905c2c481b1a88a2\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_amd64.deb\n Size/MD5 checksum: 214620 3d0a0aa6453df3486b5910e198275f84\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_amd64.deb\n Size/MD5 checksum: 1182662 c7a8138e99e78dd772758e4d1db098fe\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_amd64.deb\n Size/MD5 checksum: 230526 1d8262e5c8ce1baddb748a76b836ff79\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_amd64.deb\n Size/MD5 checksum: 951202 76dd51652be02ad2972cbb32df9cbe60\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_amd64.deb\n Size/MD5 checksum: 208912 e66d007bbedba4d7e838045e549c64b1\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_amd64.deb\n Size/MD5 checksum: 928736 6f66f5283ad91d0a2b4d56bd629e8305\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_armel.deb\n Size/MD5 checksum: 223972 d139a82972490d1f706ec27cacddadac\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_armel.deb\n Size/MD5 checksum: 920298 d740b279b624e6a475cb7d391f7b2c10\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_armel.deb\n Size/MD5 checksum: 903750 c81c5db454d3263cd6ae51d16c933a6d\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_armel.deb\n Size/MD5 checksum: 209142 e9f8cea7ff20b90a27e1a72a523b3d47\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_armel.deb\n Size/MD5 checksum: 209082 a906ad9c5f72efd9cdd561aed4ca8dc9\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_armel.deb\n Size/MD5 checksum: 1151506 7c7546f135977a859ddc976f73b6542d\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_hppa.deb\n Size/MD5 checksum: 939250 04c83feddcf78eaca8136bd4b15bee90\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_hppa.deb\n Size/MD5 checksum: 209462 8e62f5740ba733a9a8cde83f045873e2\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_hppa.deb\n Size/MD5 checksum: 227528 9905b63e7ffb02e1b6da0443ad99bbf6\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_hppa.deb\n Size/MD5 checksum: 244642 f127b127e9783af96664f67fab940458\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_hppa.deb\n Size/MD5 checksum: 960844 5c3918da2bdb2bcb6e5775935d101600\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_hppa.deb\n Size/MD5 checksum: 1173380 ef0c131c585f50dd3b1d494be681ad4c\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_i386.deb\n Size/MD5 checksum: 903896 766d2afb93354dc6cfccc719ca5d3a32\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_i386.deb\n Size/MD5 checksum: 923838 54e2efa56e08277cd061ec142167b8f8\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_i386.deb\n Size/MD5 checksum: 1155810 b481158475101fe14cd7086dd09b00ba\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_i386.deb\n Size/MD5 checksum: 228434 806b581b9cb3e7b74b4c5b38d952d496\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_i386.deb\n Size/MD5 checksum: 208184 310da7a3545fdd174ae3f7cf7a05d84e\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_i386.deb\n Size/MD5 checksum: 210964 fde8c7b507ef8fca75b3b95557443568\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_ia64.deb\n Size/MD5 checksum: 274076 a242056cc5928023e19189e0dad47a54\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_ia64.deb\n Size/MD5 checksum: 1165456 63a88f4853c990bf6a26744b25ffcd65\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_ia64.deb\n Size/MD5 checksum: 991418 a81c668fb270734005c855f77fbaa1b2\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_ia64.deb\n Size/MD5 checksum: 296182 959638d94a18a01ee393a5388af95e9a\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_ia64.deb\n Size/MD5 checksum: 222326 8f7d1012c7920a818ff3387fd672582b\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_ia64.deb\n Size/MD5 checksum: 1019228 f1ee83304b03f4e168a3077577aee4ca\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_mips.deb\n Size/MD5 checksum: 1193134 69792abd2ebb8ae27741fd5380a15c7d\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_mips.deb\n Size/MD5 checksum: 227940 f59a95b1a51411e2df9f7646166b8bb0\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_mips.deb\n Size/MD5 checksum: 212670 38196676b77101edb8d75e050ccdfa83\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_mips.deb\n Size/MD5 checksum: 950332 3d0b559a946b285580c626796bd79619\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_mips.deb\n Size/MD5 checksum: 208940 c4b370ba4637c34fb90b7241d94ad26e\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_mips.deb\n Size/MD5 checksum: 929246 a3250ee1c064f637f4f8b80fe67cc126\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_mipsel.deb\n Size/MD5 checksum: 208632 8e7b0faa4d0fcf82d4832c88040644a4\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_mipsel.deb\n Size/MD5 checksum: 1169800 fec90115dd8a0a4159eb0b32f9d2f547\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_mipsel.deb\n Size/MD5 checksum: 949916 4c476dd885c52cc5de342bf739d84f65\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_mipsel.deb\n Size/MD5 checksum: 212332 d9cccbe468c2228b96c662fab496a06e\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_mipsel.deb\n Size/MD5 checksum: 928636 b3e28a026e7deb8cce632c63b2a7a140\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_mipsel.deb\n Size/MD5 checksum: 227638 75ad8b0dd97c093ff56338d856df7383\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_powerpc.deb\n Size/MD5 checksum: 941020 0f242ff442fea24f03c33af08d9e6c75\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_powerpc.deb\n Size/MD5 checksum: 1179540 551daec15eb2ce16e000b2201dba167c\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_powerpc.deb\n Size/MD5 checksum: 212734 57c377e5cbef3618e283a1e187045598\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_powerpc.deb\n Size/MD5 checksum: 238114 440e40511e414c3a0c3a4f4bfd479a41\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_powerpc.deb\n Size/MD5 checksum: 922274 73c54c0b54c83950728f60d8cc1727ea\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_powerpc.deb\n Size/MD5 checksum: 222642 74220c8c71a4a5d9af54694d9777a9b0\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_s390.deb\n Size/MD5 checksum: 223330 8c5ca7bc3655a68e2fc33d11ecc06865\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_s390.deb\n Size/MD5 checksum: 209294 e28839caee56080274e61541e035af52\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_s390.deb\n Size/MD5 checksum: 1190688 bd391c517d8ec4b5179f753ef73825a9\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_s390.deb\n Size/MD5 checksum: 931312 dc473f1db5201689c7cb15f41929f780\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_s390.deb\n Size/MD5 checksum: 239904 5f08a1a17220525e249e6dec32a21bfb\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_s390.deb\n Size/MD5 checksum: 912728 368e5d51de6826fce49b35e728a52dda\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-gnutls_7.18.2-8lenny2_sparc.deb\n Size/MD5 checksum: 207660 84f75b95a33d19a1027b281c136f38ca\n http://security.debian.org/pool/updates/main/c/curl/curl_7.18.2-8lenny2_sparc.deb\n Size/MD5 checksum: 208576 4ac3ac2bb012ba68a1872620cc90e3a3\n http://security.debian.org/pool/updates/main/c/curl/libcurl3-dbg_7.18.2-8lenny2_sparc.deb\n Size/MD5 checksum: 1134708 3403c94f0c0c32c1e964364337132456\n http://security.debian.org/pool/updates/main/c/curl/libcurl3_7.18.2-8lenny2_sparc.deb\n Size/MD5 checksum: 222562 990364878bde2699a2af470013f90fce\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-gnutls-dev_7.18.2-8lenny2_sparc.deb\n Size/MD5 checksum: 902436 8f221c8abaab29401bd0434b9add83c8\n http://security.debian.org/pool/updates/main/c/curl/libcurl4-openssl-dev_7.18.2-8lenny2_sparc.deb\n Size/MD5 checksum: 918590 2d0b3f1dc2882cc2446ed708c2f2b55e\n\n\n These files will probably be moved into the stable distribution on\n its next update.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2009-03-11T16:49:28", "published": "2009-03-11T16:49:28", "id": "DEBIAN:DSA-1738-1:4D378", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2009/msg00048.html", "title": "[SECURITY] [DSA 1738-1] New curl packages fix arbitrary file access", "type": "debian", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2019-05-30T07:36:56", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, and -current to fix a security issue.\n\nMore details about this issue may be found in the Common\nVulnerabilities and Exposures (CVE) database:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037\n\n\nHere are the details from the Slackware 12.2 ChangeLog:\n\npatches/packages/curl-7.19.4-i486-1_slack12.2.tgz:\n Upgraded to curl-7.19.4.\n This fixes a security issue where automatic redirection could be made to\n follow file:// URLs, reading or writing a local instead of remote file.\n For more information, see:\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0037\n (* Security fix *)\n\nWhere to find the new packages:\n\nHINT: Getting slow download speeds from ftp.slackware.com?\nGive slackware.osuosl.org a try. This is another primary FTP site\nfor Slackware that can be considerably faster than downloading\ndirectly from ftp.slackware.com.\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating additional FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the "Get Slack" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 9.1:\nftp://ftp.slackware.com/pub/slackware/slackware-9.1/patches/packages/curl-7.10.7-i486-3_slack9.1.tgz\n\nUpdated package for Slackware 10.0:\nftp://ftp.slackware.com/pub/slackware/slackware-10.0/patches/packages/curl-7.12.2-i486-3_slack10.0.tgz\n\nUpdated package for Slackware 10.1:\nftp://ftp.slackware.com/pub/slackware/slackware-10.1/patches/packages/curl-7.12.2-i486-3_slack10.1.tgz\n\nUpdated package for Slackware 10.2:\nftp://ftp.slackware.com/pub/slackware/slackware-10.2/patches/packages/curl-7.12.2-i486-3_slack10.2.tgz\n\nUpdated package for Slackware 11.0:\nftp://ftp.slackware.com/pub/slackware/slackware-11.0/patches/packages/curl-7.15.5-i486-2_slack11.0.tgz\n\nUpdated package for Slackware 12.0:\nftp://ftp.slackware.com/pub/slackware/slackware-12.0/patches/packages/curl-7.16.2-i486-2_slack12.0.tgz\n\nUpdated package for Slackware 12.1:\nftp://ftp.slackware.com/pub/slackware/slackware-12.1/patches/packages/curl-7.16.2-i486-2_slack12.1.tgz\n\nUpdated package for Slackware 12.2:\nftp://ftp.slackware.com/pub/slackware/slackware-12.2/patches/packages/curl-7.19.4-i486-1_slack12.2.tgz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/curl-7.19.4-i486-1.tgz\n\n\nMD5 signatures:\n\nSlackware 9.1 package:\n9518e396ad90a20241bb6f370fc905bc curl-7.10.7-i486-3_slack9.1.tgz\n\nSlackware 10.0 package:\n139a92d6df8f87fbc72f2ea656295148 curl-7.12.2-i486-3_slack10.0.tgz\n\nSlackware 10.1 package:\nfd2c0ec5d8e2f92882d55762c159486f curl-7.12.2-i486-3_slack10.1.tgz\n\nSlackware 10.2 package:\n625671543d37a8b247b83cd5833e3511 curl-7.12.2-i486-3_slack10.2.tgz\n\nSlackware 11.0 package:\n64fce363f0990a0eeeaf1b793720eccc curl-7.15.5-i486-2_slack11.0.tgz\n\nSlackware 12.0 package:\n6e8f47b4d3511e4ca9518a9971650207 curl-7.16.2-i486-2_slack12.0.tgz\n\nSlackware 12.1 package:\n8b6a84bf71876bec8b293f70fcf3c54f curl-7.16.2-i486-2_slack12.1.tgz\n\nSlackware 12.2 package:\n307b33a3558daada6a3aeb260e3a450c curl-7.19.4-i486-1_slack12.2.tgz\n\nSlackware -current package:\n9869d016c4b261562dcfd63d9b58a8e8 curl-7.19.4-i486-1.tgz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg curl-7.19.4-i486-1_slack12.2.tgz", "modified": "2009-03-10T10:26:20", "published": "2009-03-10T10:26:20", "id": "SSA-2009-069-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.476602", "type": "slackware", "title": "curl", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "exploitdb": [{"lastseen": "2016-02-03T17:54:27", "description": "cURL/libcURL 7.19.3 HTTP 'Location:' Redirect Security Bypass Vulnerability. CVE-2009-0037. Remote exploit for linux platform", "published": "2009-03-03T00:00:00", "type": "exploitdb", "title": "cURL/libcURL <= 7.19.3 HTTP 'Location:' Redirect Security Bypass Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-0037"], "modified": "2009-03-03T00:00:00", "id": "EDB-ID:32834", "href": "https://www.exploit-db.com/exploits/32834/", "sourceData": "source: http://www.securityfocus.com/bid/33962/info\r\n\r\ncURL/libcURL is prone to a security-bypass vulnerability.\r\n\r\nRemote attackers can exploit this issue to bypass certain security restrictions and carry out various attacks.\r\n\r\nThis issue affects cURL/libcURL 5.11 through 7.19.3. Other versions may also be vulnerable.\r\n\r\nThe following example redirection request may be used to carry out this attack:\r\nLocation: scp://name:passwd@host/a'``;date >/tmp/test``;' ", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.exploit-db.com/download/32834/"}], "securityvulns": [{"lastseen": "2018-08-31T11:10:29", "bulletinFamily": "software", "cvelist": ["CVE-2009-0037"], "description": "===========================================================\r\nUbuntu Security Notice USN-726-1 March 03, 2009\r\ncurl vulnerability\r\nCVE-2009-0037\r\n===========================================================\r\n\r\nA security issue affects the following Ubuntu releases:\r\n\r\nUbuntu 6.06 LTS\r\nUbuntu 7.10\r\nUbuntu 8.04 LTS\r\nUbuntu 8.10\r\n\r\nThis advisory also applies to the corresponding versions of\r\nKubuntu, Edubuntu, and Xubuntu.\r\n\r\nThe problem can be corrected by upgrading your system to the\r\nfollowing package versions:\r\n\r\nUbuntu 6.06 LTS:\r\n libcurl3 7.15.1-1ubuntu3.1\r\n libcurl3-gnutls 7.15.1-1ubuntu3.1\r\n\r\nUbuntu 7.10:\r\n libcurl3 7.16.4-2ubuntu1.1\r\n libcurl3-gnutls 7.16.4-2ubuntu1.1\r\n\r\nUbuntu 8.04 LTS:\r\n libcurl3 7.18.0-1ubuntu2.1\r\n libcurl3-gnutls 7.18.0-1ubuntu2.1\r\n\r\nUbuntu 8.10:\r\n libcurl3 7.18.2-1ubuntu4.1\r\n libcurl3-gnutls 7.18.2-1ubuntu4.1\r\n\r\nIn general, a standard system upgrade is sufficient to effect the\r\nnecessary changes.\r\n\r\nDetails follow:\r\n\r\nIt was discovered that curl did not enforce any restrictions when following\r\nURL redirects. If a user or automated system were tricked into opening a URL to\r\nan untrusted server, an attacker could use redirects to gain access to abitrary\r\nfiles. This update changes curl behavior to prevent following "file" URLs after\r\na redirect.\r\n\r\n\r\nUpdated packages for Ubuntu 6.06 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1.diff.gz\r\n Size/MD5: 187821 98a6bc2adb5c5673bdf39e10459be0e8\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1.dsc\r\n Size/MD5: 946 54356fc9d1f2f629db92aec10f15ad52\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1.orig.tar.gz\r\n Size/MD5: 1769992 63be206109486d4653c73823aa2b34fa\r\n\r\n Architecture independent packages:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dev_7.15.1-1ubuntu3.1_all.deb\r\n Size/MD5: 31260 e1a1c7938bbc15a8f1183fe1d6d0af0a\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_amd64.deb\r\n Size/MD5: 169568 1315f552c57d7db1315f81b41589792c\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_amd64.deb\r\n Size/MD5: 540736 bb54db6af7f71e8098b99f57c55a8c03\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_amd64.deb\r\n Size/MD5: 717326 74244221991d13b3e27d7600b25cc667\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_amd64.deb\r\n Size/MD5: 167960 0d960ee5cb9c386af7730dd6985e519e\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_amd64.deb\r\n Size/MD5: 724246 a35139c3af268cb40a64b2d4562c239e\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_amd64.deb\r\n Size/MD5: 172910 33529da99980d7c599c1ddbf49a7a298\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_i386.deb\r\n Size/MD5: 168448 3ff82ec8fbffb489c198ef86ad45155b\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_i386.deb\r\n Size/MD5: 506770 10c355570dcb3812efa661f3359792fa\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_i386.deb\r\n Size/MD5: 700624 d9ed3ac37839ed446dd2d19f4c0ccac1\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_i386.deb\r\n Size/MD5: 160502 7325d0cd0802f12340de1e5ff8fc94ad\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_i386.deb\r\n Size/MD5: 705276 442b603f3bef1bb6b76cb475108d0869\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_i386.deb\r\n Size/MD5: 165456 52191a45a9ccfb55dfa95a5d6059c4c4\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_powerpc.deb\r\n Size/MD5: 172084 3b8d50cd83bce1fbf4db132ac6b5fcf2\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_powerpc.deb\r\n Size/MD5: 542256 f038486866f70fd91641a338684c9fd7\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_powerpc.deb\r\n Size/MD5: 723702 ab81371909385b48de743ff8c6bdef1e\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_powerpc.deb\r\n Size/MD5: 170316 b131cc76e2315a6969e5d842ee00ac7d\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_powerpc.deb\r\n Size/MD5: 729156 ecb7523175cc86845a65a45e584c52f4\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_powerpc.deb\r\n Size/MD5: 174808 75929f5b8f8665d595d71b1477428fe8\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.15.1-1ubuntu3.1_sparc.deb\r\n Size/MD5: 169262 d1227121940771c773000adf86cb2b25\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.15.1-1ubuntu3.1_sparc.deb\r\n Size/MD5: 510838 cedeacff8c06c39c973cb49e14098a72\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls-dev_7.15.1-1ubuntu3.1_sparc.deb\r\n Size/MD5: 710240 a69b147b9aa4e84755128b20cf8d6cc0\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.15.1-1ubuntu3.1_sparc.deb\r\n Size/MD5: 163088 2dc3c7c08147eb59e3b10df00a84380d\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-openssl-dev_7.15.1-1ubuntu3.1_sparc.deb\r\n Size/MD5: 714840 ef9596a90e8f5d3872dbb533c2e3a785\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.15.1-1ubuntu3.1_sparc.deb\r\n Size/MD5: 167244 0eb1ef9b9f24c1ce216bfac5ac61a770\r\n\r\nUpdated packages for Ubuntu 7.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1.diff.gz\r\n Size/MD5: 23038 ec29fe4a6ce15381ee4d18977a01cf54\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1.dsc\r\n Size/MD5: 1070 ee6f69c49d16d34809984d41ba9a95d9\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4.orig.tar.gz\r\n Size/MD5: 2127522 b8f272cfe98fd5570447469e2faea844\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_amd64.deb\r\n Size/MD5: 175802 1031a8edbe06cac94c392dedc7453fe5\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_amd64.deb\r\n Size/MD5: 1030904 97008fb6866a84bfc1bfc6aadc387c37\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_amd64.deb\r\n Size/MD5: 180212 8879fd596ec6d374ecc3db7c590a4dee\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_amd64.deb\r\n Size/MD5: 186854 216542e4ee0aa37b12dfceb9f782431f\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_amd64.deb\r\n Size/MD5: 828040 3bef020322ca21c8673b55bcde5a7555\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_amd64.deb\r\n Size/MD5: 835418 03a845d4637949826e4b606675643351\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_i386.deb\r\n Size/MD5: 174936 a69d59cba07ca9611470fa45c441d41f\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_i386.deb\r\n Size/MD5: 998270 4adafc7307dec5a9194e53d27046862a\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_i386.deb\r\n Size/MD5: 176140 63ce96a012b6b57e14ada06f633293f8\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_i386.deb\r\n Size/MD5: 182128 cc373dd8b1383abc9647b2755dcc82c2\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_i386.deb\r\n Size/MD5: 802764 b4f2f06c793123ffc85ecd754d27a799\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_i386.deb\r\n Size/MD5: 808706 4cdc8ddd315dbd125b6dd6fd9254f584\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_lpia.deb\r\n Size/MD5: 174826 826bd0dc3bab6c9df46b737c99a4cc12\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_lpia.deb\r\n Size/MD5: 1016026 54999bbac5f7b80c03a450d0fa782e2c\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_lpia.deb\r\n Size/MD5: 174294 4b881eab13f96f101f233b8d8066a1eb\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_lpia.deb\r\n Size/MD5: 180832 7e9738237d5a15b0117463d9c9067925\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_lpia.deb\r\n Size/MD5: 800482 8f79859acd3d9c5656c8776bd595aa17\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_lpia.deb\r\n Size/MD5: 806612 d310180304c4688ad36b734a929514aa\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_powerpc.deb\r\n Size/MD5: 179486 e0fb5643133b30cc3e258820cf17d67d\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_powerpc.deb\r\n Size/MD5: 1045612 845b188923e649bc8a165b8356e7f406\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_powerpc.deb\r\n Size/MD5: 187794 cd8cd13657a67c0367bae7c821075cbb\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_powerpc.deb\r\n Size/MD5: 193612 d4178d220ba2d1e12005387e9226a27b\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_powerpc.deb\r\n Size/MD5: 826054 ce04418fbb88124acc4705e9372ecd30\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_powerpc.deb\r\n Size/MD5: 831906 3a8efee4daf4b2ca73165bd2ec1e2883\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.16.4-2ubuntu1.1_sparc.deb\r\n Size/MD5: 175644 6b184238aa16330227fa2ef555b6e558\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.16.4-2ubuntu1.1_sparc.deb\r\n Size/MD5: 990958 66b0b3669cba60f631ed6a0a24617188\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.16.4-2ubuntu1.1_sparc.deb\r\n Size/MD5: 174762 e8750cc8896cfcffce4815777ac3caee\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.16.4-2ubuntu1.1_sparc.deb\r\n Size/MD5: 179512 c0e79f63b732fbbc405652f107878b84\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.16.4-2ubuntu1.1_sparc.deb\r\n Size/MD5: 808072 684fb0a815911676557b5debd393a1fe\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.16.4-2ubuntu1.1_sparc.deb\r\n Size/MD5: 814506 1aa48c17a5be7a7373b045abfc18da3d\r\n\r\nUpdated packages for Ubuntu 8.04 LTS:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1.diff.gz\r\n Size/MD5: 23694 d86f917e0253ba822db6d2424798463c\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1.dsc\r\n Size/MD5: 1101 1a3e33be24181c7ffc8f7b60816e249d\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0.orig.tar.gz\r\n Size/MD5: 2285430 76ff5a7fa2e00b25ded5302885d4c3e2\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_amd64.deb\r\n Size/MD5: 197866 101c380ab9d9ab90cd8eb29feb9b1afc\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_amd64.deb\r\n Size/MD5: 1054384 bc98cdd6d1571106757d2411ad6ffd3c\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_amd64.deb\r\n Size/MD5: 202642 f663841bc8e03556b2d41ef1d7260930\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_amd64.deb\r\n Size/MD5: 209456 e8acd7503ad26b01aae5375b90178a48\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_amd64.deb\r\n Size/MD5: 896296 fd68ba64689210d59e867787ba4abb20\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_amd64.deb\r\n Size/MD5: 904552 7644776a5d3a3b1922a3507a37ec05dc\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_i386.deb\r\n Size/MD5: 197074 00eb30ecbc6793f1d10bed5c8bbf5bf5\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_i386.deb\r\n Size/MD5: 1039734 541d32169bfe1529dd2d4745a1226eb1\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_i386.deb\r\n Size/MD5: 198480 b4ca187d0408dc35836646c5f966bf90\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_i386.deb\r\n Size/MD5: 205782 c61cf64efc7baa7cb37a03bed19cfa6a\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_i386.deb\r\n Size/MD5: 870314 7e275b66161a6cf9c32fbdc4750805eb\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_i386.deb\r\n Size/MD5: 877390 b8889ec5febb2da66b0dae49295e6844\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_lpia.deb\r\n Size/MD5: 196994 f85f088f37ed84c756fd75a5ba9c1829\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_lpia.deb\r\n Size/MD5: 1046972 f93a0314315ca010c1e000d6094b529e\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_lpia.deb\r\n Size/MD5: 197474 bedb0ae75d50745d9070d598a7f3bbed\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_lpia.deb\r\n Size/MD5: 204090 7db96e2a1af5229b5c05fe332c30f756\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_lpia.deb\r\n Size/MD5: 869990 16be192ab09c1ca78a48d50b599b6868\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_lpia.deb\r\n Size/MD5: 876092 896c0bbc2eee392cbac4a18b5996931b\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_powerpc.deb\r\n Size/MD5: 201932 c3f6e455e85ddc6e69daf3431ea58e74\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_powerpc.deb\r\n Size/MD5: 1063946 a5d52c748048bf586cedb02daf29fb7a\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_powerpc.deb\r\n Size/MD5: 210994 5602b8c0c9979c0eba7eff319d5bc77e\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_powerpc.deb\r\n Size/MD5: 216006 8d65ea79097e0e635f75382d7aaecf6b\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_powerpc.deb\r\n Size/MD5: 895512 ef52c8d4b5a097751646d1174bca4c35\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_powerpc.deb\r\n Size/MD5: 902650 dd88be6fee4e0382db0af0cc490877b0\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.0-1ubuntu2.1_sparc.deb\r\n Size/MD5: 197586 db78b2c9b6402e0f9ed9cb9bf7cd4872\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.0-1ubuntu2.1_sparc.deb\r\n Size/MD5: 1027024 0ead1406330f62ff04c0177d185a53a9\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.0-1ubuntu2.1_sparc.deb\r\n Size/MD5: 196652 3e829cf092deb68935946eccb4471663\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.0-1ubuntu2.1_sparc.deb\r\n Size/MD5: 202218 ba4d43feba5bc66630d46766f1ae5dd3\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.0-1ubuntu2.1_sparc.deb\r\n Size/MD5: 877208 20b30bf93d62e6c2c165ee6be374435f\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.0-1ubuntu2.1_sparc.deb\r\n Size/MD5: 883238 66b2bc1ab0da39b981e35aaf694e6b67\r\n\r\nUpdated packages for Ubuntu 8.10:\r\n\r\n Source archives:\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1.diff.gz\r\n Size/MD5: 22211 6e74e8584ae7aebb6c14d3a114796454\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1.dsc\r\n Size/MD5: 1491 9b355d2d245a85cbca121726652e7f8d\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2.orig.tar.gz\r\n Size/MD5: 2273077 4fe99398a64a34613c9db7bd61bf6e3c\r\n\r\n amd64 architecture (Athlon64, Opteron, EM64T Xeon):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_amd64.deb\r\n Size/MD5: 210246 d67a5eb49a6f5e427bd1654007f455a7\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_amd64.deb\r\n Size/MD5: 1124684 57f1830f3a2e4ffdec0180717f3191a0\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_amd64.deb\r\n Size/MD5: 216106 e36ff6ee975146c248c293ce0f8cfc6b\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_amd64.deb\r\n Size/MD5: 223206 56e2f570c4c989bca172cfc09a370d39\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_amd64.deb\r\n Size/MD5: 926082 5cc5411540ce23be3354b1f4d5fc041f\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_amd64.deb\r\n Size/MD5: 933036 adcb522fbbb4f3ab68b4fa8af804d5b7\r\n\r\n i386 architecture (x86 compatible Intel/AMD):\r\n\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_i386.deb\r\n Size/MD5: 209080 80b442fba7924160f234f6d2fc5be8ea\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_i386.deb\r\n Size/MD5: 1091876 d294a4ad45febe82279359741d6958c4\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_i386.deb\r\n Size/MD5: 212550 7c5a86d097564f4563cd4992c65544a9\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_i386.deb\r\n Size/MD5: 219490 83026954c17912ed54036e2f81118310\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_i386.deb\r\n Size/MD5: 899576 bb001dda2e0e9def2d08f99497adfbcd\r\n http://security.ubuntu.com/ubuntu/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_i386.deb\r\n Size/MD5: 905326 74ff52579922240c1a034c0f223b1a1a\r\n\r\n lpia architecture (Low Power Intel Architecture):\r\n\r\n http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_lpia.deb\r\n Size/MD5: 208732 cdc604e918825dd8ca06fb07b69d90ba\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_lpia.deb\r\n Size/MD5: 1099032 5e1a71fa663f6f21944bf7078c57aebe\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_lpia.deb\r\n Size/MD5: 210790 2486bf054d91bf5e5cd32fae20d2002a\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_lpia.deb\r\n Size/MD5: 217316 32814e9da3f6ea13b6b2a77e872f92fc\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_lpia.deb\r\n Size/MD5: 898464 3028bc84dcbc05a2a65d50f49f0ed2f0\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_lpia.deb\r\n Size/MD5: 903772 00495fb44aba7d390ddb7643de104fca\r\n\r\n powerpc architecture (Apple Macintosh G3/G4/G5):\r\n\r\n http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_powerpc.deb\r\n Size/MD5: 212494 c0ad35c9fbaa7afeb9247b948bf3720e\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_powerpc.deb\r\n Size/MD5: 1130288 8a65d0227f3697b505e4634cff6831fd\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_powerpc.deb\r\n Size/MD5: 223618 b5d5085350540d988abc19c5dcb04ea6\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_powerpc.deb\r\n Size/MD5: 229464 8053abc5beb65a37ea489eeec41ab2c2\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_powerpc.deb\r\n Size/MD5: 925362 8277d9fb3b898cf90e4fa46ffcf71147\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_powerpc.deb\r\n Size/MD5: 931700 13f3edf118024e221d7f45abd05c0e7e\r\n\r\n sparc architecture (Sun SPARC/UltraSPARC):\r\n\r\n http://ports.ubuntu.com/pool/main/c/curl/curl_7.18.2-1ubuntu4.1_sparc.deb\r\n Size/MD5: 209542 6478e46bb2850c50f7b4def0d86b730b\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-dbg_7.18.2-1ubuntu4.1_sparc.deb\r\n Size/MD5: 1072458 5eaf45a5c000a1f8b0d09bbab983b8ae\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3-gnutls_7.18.2-1ubuntu4.1_sparc.deb\r\n Size/MD5: 209228 83c8fcd128286fd77d9983fff53d9563\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl3_7.18.2-1ubuntu4.1_sparc.deb\r\n Size/MD5: 213982 bf031afa898326f814e2dea63fdc0523\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-gnutls-dev_7.18.2-1ubuntu4.1_sparc.deb\r\n Size/MD5: 904780 f3ac8d6aab6a12a4b8462152e38463a9\r\n http://ports.ubuntu.com/pool/main/c/curl/libcurl4-openssl-dev_7.18.2-1ubuntu4.1_sparc.deb\r\n Size/MD5: 909856 c991e46b6bb3a47c79e7615f398de261\r\n\r\n", "edition": 1, "modified": "2009-03-04T00:00:00", "published": "2009-03-04T00:00:00", "id": "SECURITYVULNS:DOC:21422", "href": "https://vulners.com/securityvulns/SECURITYVULNS:DOC:21422", "title": "[USN-726-1] curl vulnerability", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-08-31T11:09:32", "bulletinFamily": "software", "cvelist": ["CVE-2009-0037"], "description": "Access restrictons can be bypassed with redirections.", "edition": 1, "modified": "2009-03-04T00:00:00", "published": "2009-03-04T00:00:00", "id": "SECURITYVULNS:VULN:9710", "href": "https://vulners.com/securityvulns/SECURITYVULNS:VULN:9710", "title": "curl protection bypass", "type": "securityvulns", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "centos": [{"lastseen": "2019-12-20T18:24:21", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0341\n\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict\nservers, using any of the supported protocols. cURL is designed to work\nwithout user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it understood,\nincluding the \"file://\" URL type. This could allow a remote server to force\na local libcurl-using application to read a local file instead of the\nremote one, possibly exposing local files that were not meant to be\nexposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects to\n\"file://\" protocol must now explicitly call curl_easy_setopt(3) and set the\nnewly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications using\nlibcurl must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/027846.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-April/027847.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027724.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027725.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027728.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027729.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027732.html\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027733.html\n\n**Affected packages:**\ncurl\ncurl-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/RHSA-2009-0341.html", "edition": 4, "modified": "2009-04-20T18:53:33", "published": "2009-03-19T16:55:16", "href": "http://lists.centos.org/pipermail/centos-announce/2009-March/027724.html", "id": "CESA-2009:0341", "title": "curl security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2019-12-20T18:27:37", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "**CentOS Errata and Security Advisory** CESA-2009:0341-01\n\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict\nservers, using any of the supported protocols. cURL is designed to work\nwithout user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it understood,\nincluding the \"file://\" URL type. This could allow a remote server to force\na local libcurl-using application to read a local file instead of the\nremote one, possibly exposing local files that were not meant to be\nexposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects to\n\"file://\" protocol must now explicitly call curl_easy_setopt(3) and set the\nnewly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications using\nlibcurl must be restarted for the update to take effect.\n\n**Merged security bulletin from advisories:**\nhttp://lists.centos.org/pipermail/centos-announce/2009-March/027736.html\n\n**Affected packages:**\ncurl\ncurl-devel\n\n**Upstream details at:**\nhttps://rhn.redhat.com/errata/rh21as-errata.html", "edition": 4, "modified": "2009-03-24T04:11:36", "published": "2009-03-24T04:11:36", "href": "http://lists.centos.org/pipermail/centos-announce/2009-March/027736.html", "id": "CESA-2009:0341-01", "title": "curl security update", "type": "centos", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2019-05-29T18:35:21", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "[7.15.5-2.1.el5_3.4]\n- another correction of the patch for CVE-2009-0037\n[7.15.5-2.1.el5_3.3]\n- forwardport one hunk from upstream curl-7.15.1\nRelated: #485290\n[7.15.5-2.1.el5_3.2]\n- fix hunk applied to wrong place due to nonzero patch fuzz\nRelated: #485289\n[7.15.5-2.1.el5_3.1]\n- fix CVE-2009-0037\nResolves: #485289 ", "edition": 4, "modified": "2009-03-19T00:00:00", "published": "2009-03-19T00:00:00", "id": "ELSA-2009-0341", "href": "http://linux.oracle.com/errata/ELSA-2009-0341.html", "title": "curl security update", "type": "oraclelinux", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2019-08-13T18:46:53", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict\nservers, using any of the supported protocols. cURL is designed to work\nwithout user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it understood,\nincluding the \"file://\" URL type. This could allow a remote server to force\na local libcurl-using application to read a local file instead of the\nremote one, possibly exposing local files that were not meant to be\nexposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects to\n\"file://\" protocol must now explicitly call curl_easy_setopt(3) and set the\nnewly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications using\nlibcurl must be restarted for the update to take effect.", "modified": "2019-03-22T23:43:10", "published": "2009-03-19T04:00:00", "id": "RHSA-2009:0341", "href": "https://access.redhat.com/errata/RHSA-2009:0341", "type": "redhat", "title": "(RHSA-2009:0341) Moderate: curl security update", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "gentoo": [{"lastseen": "2016-09-06T19:46:57", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "### Background\n\ncURL is a command line tool for transferring files with URL syntax, supporting numerous protocols. \n\n### Description\n\nDavid Kierznowski reported that the redirect implementation accepts arbitrary Location values when CURLOPT_FOLLOWLOCATION is enabled. \n\n### Impact\n\nA remote attacker could possibly exploit this vulnerability to make remote HTTP servers trigger arbitrary requests to intranet servers and read or overwrite arbitrary files via a redirect to a file: URL, or, if the libssh2 USE flag is enabled, execute arbitrary commands via a redirect to an scp: URL. \n\n### Workaround\n\nThere is no known workaround at this time. \n\n### Resolution\n\nAll cURL users should upgrade to the latest version: \n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/curl-7.19.4\"", "edition": 1, "modified": "2009-03-09T00:00:00", "published": "2009-03-09T00:00:00", "id": "GLSA-200903-21", "href": "https://security.gentoo.org/glsa/200903-21", "type": "gentoo", "title": "cURL: Arbitrary file access", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "freebsd": [{"lastseen": "2019-05-29T18:34:17", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "\nSecunia reports:\n\nThe security issue is caused due to cURL following HTTP Location:\n\t redirects to e.g. scp:// or file:// URLs which can be exploited\n\t by a malicious HTTP server to overwrite or disclose the content of\n\t arbitrary local files and potentially execute arbitrary commands via\n\t specially crafted redirect URLs.\n\n", "edition": 4, "modified": "2009-03-03T00:00:00", "published": "2009-03-03T00:00:00", "id": "5D433534-F41C-402E-ADE5-E0A2259A7CB6", "href": "https://vuxml.freebsd.org/freebsd/5d433534-f41c-402e-ade5-e0a2259a7cb6.html", "title": "curl -- cURL/libcURL Location: Redirect URLs Security Bypass", "type": "freebsd", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, FTP upload, HTTP post, and file transfer resume. ", "modified": "2009-03-05T20:24:48", "published": "2009-03-05T20:24:48", "id": "FEDORA:BCA8820820B", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 10 Update: curl-7.19.4-1.fc10", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-12-21T08:17:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-0037"], "description": "cURL is a tool for getting files from HTTP, FTP, FILE, LDAP, LDAPS, DICT, TELNET and TFTP servers, using any of the supported protocols. cURL is designed to work without user interaction or any kind of interactivity. cURL offers many useful capabilities, like proxy support, user authentication, FTP upload, HTTP post, and file transfer resume. ", "modified": "2009-03-05T20:26:29", "published": "2009-03-05T20:26:29", "id": "FEDORA:ABA7B208545", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 9 Update: curl-7.19.4-1.fc9", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "openvas": [{"lastseen": "2019-05-29T18:39:18", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing an update as announced\nvia advisory SSA:2009-069-01.", "modified": "2019-03-15T00:00:00", "published": "2012-09-11T00:00:00", "id": "OPENVAS:136141256231063561", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063561", "type": "openvas", "title": "Slackware Advisory SSA:2009-069-01 curl", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: esoft_slk_ssa_2009_069_01.nasl 14202 2019-03-15 09:16:15Z cfischer $\n# Description: Auto-generated from the corresponding slackware advisory\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63561\");\n script_tag(name:\"creation_date\", value:\"2012-09-11 01:34:21 +0200 (Tue, 11 Sep 2012)\");\n script_tag(name:\"last_modification\", value:\"$Date: 2019-03-15 10:16:15 +0100 (Fri, 15 Mar 2019) $\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_version(\"$Revision: 14202 $\");\n script_name(\"Slackware Advisory SSA:2009-069-01 curl\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (c) 2012 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Slackware Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/slackware_linux\", \"ssh/login/slackpack\", re:\"ssh/login/release=SLK(9\\.1|10\\.0|10\\.1|10\\.2|11\\.0|12\\.0|12\\.1|12\\.2)\");\n\n script_xref(name:\"URL\", value:\"https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-069-01\");\n\n script_tag(name:\"insight\", value:\"New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2, 11.0,\n12.0, 12.1, 12.2, and -current to fix a security issue.\");\n\n script_tag(name:\"solution\", value:\"Upgrade to the new package(s).\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update as announced\nvia advisory SSA:2009-069-01.\");\n\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-slack.inc\");\n\nreport = \"\";\nres = \"\";\n\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.10.7-i486-3_slack9.1\", rls:\"SLK9.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.12.2-i486-3_slack10.0\", rls:\"SLK10.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.12.2-i486-3_slack10.1\", rls:\"SLK10.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.12.2-i486-3_slack10.2\", rls:\"SLK10.2\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.15.5-i486-2_slack11.0\", rls:\"SLK11.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.16.2-i486-2_slack12.0\", rls:\"SLK12.0\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.16.2-i486-2_slack12.1\", rls:\"SLK12.1\")) != NULL) {\n report += res;\n}\nif((res = isslkpkgvuln(pkg:\"curl\", ver:\"7.19.4-i486-1_slack12.2\", rls:\"SLK12.2\")) != NULL) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2018-04-06T11:39:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing an update to curl\nannounced via advisory FEDORA-2009-2247.", "modified": "2018-04-06T00:00:00", "published": "2009-03-07T00:00:00", "id": "OPENVAS:136141256231063494", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063494", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-2247 (curl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_2247.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-2247 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to curl-7.19.4 fixes CVE-2009-0037.\n\nChangeLog:\n\n* Tue Mar 3 2009 Jindrich Novy 7.19.4-1\n- update to 7.19.4 (fixes CVE-2009-0037)\n- fix leak in curl_easy* functions, thanks to Kamil Dudka\n- drop nss-proxy, sslgen, nss-init patches\n- update badsocket patch\n* Mon Dec 15 2008 Jindrich Novy 7.18.2-9\n- release++ because of tag conflict caused by f10/rawhide branch split\n* Sun Dec 14 2008 Jindrich Novy 7.18.2-8\n- use improved NSS patch, thanks to Rob Crittenden (#472489)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update curl' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2247\";\ntag_summary = \"The remote host is missing an update to curl\nannounced via advisory FEDORA-2009-2247.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63494\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-2247 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=485271\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcurl\", rpm:\"libcurl~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcurl-devel\", rpm:\"libcurl-devel~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-debuginfo\", rpm:\"curl-debuginfo~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-27T10:55:52", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing updates announced in\nadvisory RHSA-2009:0341.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict\nservers, using any of the supported protocols. cURL is designed to work\nwithout user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it understood,\nincluding the file:// URL type. This could allow a remote server to force\na local libcurl-using application to read a local file instead of the\nremote one, possibly exposing local files that were not meant to be\nexposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects to\nfile:// protocol must now explicitly call curl_easy_setopt(3) and set the\nnewly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications using\nlibcurl must be restarted for the update to take effect.", "modified": "2017-07-12T00:00:00", "published": "2009-03-20T00:00:00", "id": "OPENVAS:63584", "href": "http://plugins.openvas.org/nasl.php?oid=63584", "type": "openvas", "title": "RedHat Security Advisory RHSA-2009:0341", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: RHSA_2009_0341.nasl 6683 2017-07-12 09:41:57Z cfischer $\n# Description: Auto-generated from advisory RHSA-2009:0341 ()\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates announced in\nadvisory RHSA-2009:0341.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict\nservers, using any of the supported protocols. cURL is designed to work\nwithout user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it understood,\nincluding the file:// URL type. This could allow a remote server to force\na local libcurl-using application to read a local file instead of the\nremote one, possibly exposing local files that were not meant to be\nexposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects to\nfile:// protocol must now explicitly call curl_easy_setopt(3) and set the\nnewly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications using\nlibcurl must be restarted for the update to take effect.\";\n\ntag_solution = \"Please note that this update is available via\nRed Hat Network. To use Red Hat Network, launch the Red\nHat Update Agent with the following command: up2date\";\n\n\n\nif(description)\n{\n script_id(63584);\n script_version(\"$Revision: 6683 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-12 11:41:57 +0200 (Wed, 12 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"RedHat Security Advisory RHSA-2009:0341\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Red Hat Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/rhel\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"http://rhn.redhat.com/errata/RHSA-2009-0341.html\");\n script_xref(name : \"URL\" , value : \"http://www.redhat.com/security/updates/classification/#moderate\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.8~3.rhel2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-devel\", rpm:\"curl-devel~7.8~3.rhel2\", rls:\"RHENT_2.1\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.10.6~9.rhel3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-debuginfo\", rpm:\"curl-debuginfo~7.10.6~9.rhel3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-devel\", rpm:\"curl-devel~7.10.6~9.rhel3\", rls:\"RHENT_3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.12.1~11.1.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-debuginfo\", rpm:\"curl-debuginfo~7.12.1~11.1.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-devel\", rpm:\"curl-devel~7.12.1~11.1.el4_7.1\", rls:\"RHENT_4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.15.5~2.1.el5_3.4\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-debuginfo\", rpm:\"curl-debuginfo~7.15.5~2.1.el5_3.4\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-devel\", rpm:\"curl-devel~7.15.5~2.1.el5_3.4\", rls:\"RHENT_5\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:40:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing updates to Moderate announced in\nadvisory CESA-2009:0341-01.", "modified": "2018-04-06T00:00:00", "published": "2009-03-31T00:00:00", "id": "OPENVAS:136141256231063708", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063708", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0341-01 (Moderate)", "sourceData": "#CESA-2009:0341-01 63708 1\n# $Id: ovcesa2009_0341_01.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0341-01 (Moderate)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0341-01\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0341\nhttps://rhn.redhat.com/errata/rh21as-errata.html\";\ntag_summary = \"The remote host is missing updates to Moderate announced in\nadvisory CESA-2009:0341-01.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63708\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0341-01 (Moderate)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.8~3.rhel2\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-devel\", rpm:\"curl-devel~7.8~3.rhel2\", rls:\"CentOS2\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-24T12:56:58", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing an update to curl\nannounced via advisory DSA 1738-1.", "modified": "2017-07-07T00:00:00", "published": "2009-03-20T00:00:00", "id": "OPENVAS:63577", "href": "http://plugins.openvas.org/nasl.php?oid=63577", "type": "openvas", "title": "Debian Security Advisory DSA 1738-1 (curl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1738_1.nasl 6615 2017-07-07 12:09:52Z cfischer $\n# Description: Auto-generated from advisory DSA 1738-1 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"David Kierznowski discovered that libcurl, a multi-protocol file transfer\nlibrary, when configured to follow URL redirects automatically, does not\nquestion the new target location. As libcurl also supports file:// and\nscp:// URLs - depending on the setup - an untrusted server could use that\nto expose local files, overwrite local files or even execute arbitrary\ncode via a malicious URL redirect.\n\nThis update introduces a new option called CURLOPT_REDIR_PROTOCOLS which by\ndefault does not include the scp and file protocol handlers.\n\n\nFor the oldstable distribution (etch) this problem has been fixed in\nversion 7.15.5-1etch2.\n\nFor the stable distribution (lenny) this problem has been fixed in\nversion 7.18.2-8lenny2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 7.18.2-8.1.\n\nWe recommend that you upgrade your curl packages.\";\ntag_summary = \"The remote host is missing an update to curl\nannounced via advisory DSA 1738-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201738-1\";\n\n\nif(description)\n{\n script_id(63577);\n script_version(\"$Revision: 6615 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:09:52 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1738-1 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcurl3-dev\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-openssl-dev\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls-dev\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:50", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n curl\n libcurl4\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/", "modified": "2018-04-06T00:00:00", "published": "2009-10-11T00:00:00", "id": "OPENVAS:136141256231065633", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231065633", "type": "openvas", "title": "SLES11: Security update for curl", "sourceData": "#\n#VID 4b5434075393861d396c976f9f14744f\n# OpenVAS Vulnerability Test\n# $\n# Description: Security update for curl\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisories, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_summary = \"The remote host is missing updates to packages that affect\nthe security of your system. One or more of the following packages\nare affected:\n\n curl\n libcurl4\n\n\nMore details may also be found by searching for the SuSE\nEnterprise Server 11 patch database located at\nhttp://download.novell.com/patch/finder/\";\n\ntag_solution = \"Please install the updates provided by SuSE.\";\n\nif(description)\n{\n script_xref(name : \"URL\" , value : \"https://bugzilla.novell.com/show_bug.cgi?id=475103\");\n script_oid(\"1.3.6.1.4.1.25623.1.0.65633\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-10-11 22:58:51 +0200 (Sun, 11 Oct 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"SLES11: Security update for curl\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse_sles\", \"ssh/login/rpms\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.19.0~11.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcurl4\", rpm:\"libcurl4~7.19.0~11.21.1\", rls:\"SLES11.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:39:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing an update to curl\nannounced via advisory DSA 1738-1.", "modified": "2018-04-06T00:00:00", "published": "2009-03-20T00:00:00", "id": "OPENVAS:136141256231063577", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063577", "type": "openvas", "title": "Debian Security Advisory DSA 1738-1 (curl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_1738_1.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory DSA 1738-1 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"David Kierznowski discovered that libcurl, a multi-protocol file transfer\nlibrary, when configured to follow URL redirects automatically, does not\nquestion the new target location. As libcurl also supports file:// and\nscp:// URLs - depending on the setup - an untrusted server could use that\nto expose local files, overwrite local files or even execute arbitrary\ncode via a malicious URL redirect.\n\nThis update introduces a new option called CURLOPT_REDIR_PROTOCOLS which by\ndefault does not include the scp and file protocol handlers.\n\n\nFor the oldstable distribution (etch) this problem has been fixed in\nversion 7.15.5-1etch2.\n\nFor the stable distribution (lenny) this problem has been fixed in\nversion 7.18.2-8lenny2.\n\nFor the unstable distribution (sid) this problem has been fixed in\nversion 7.18.2-8.1.\n\nWe recommend that you upgrade your curl packages.\";\ntag_summary = \"The remote host is missing an update to curl\nannounced via advisory DSA 1738-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%201738-1\";\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63577\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-20 00:52:38 +0100 (Fri, 20 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Debian Security Advisory DSA 1738-1 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"libcurl3-dev\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-openssl-dev\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls-dev\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.15.5-1etch2\", rls:\"DEB4.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"curl\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-gnutls\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-openssl-dev\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3-dbg\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl3\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"libcurl4-gnutls-dev\", ver:\"7.18.2-8lenny2\", rls:\"DEB5.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:57:14", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing an update to curl\nannounced via advisory FEDORA-2009-2265.", "modified": "2017-07-10T00:00:00", "published": "2009-03-07T00:00:00", "id": "OPENVAS:63495", "href": "http://plugins.openvas.org/nasl.php?oid=63495", "type": "openvas", "title": "Fedora Core 9 FEDORA-2009-2265 (curl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_2265.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-2265 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update to curl-7.19.4 fixes CVE-2009-0037.\n\nChangeLog:\n\n* Tue Mar 3 2009 Jindrich Novy 7.19.4-1\n- update to 7.19.4 (fixes CVE-2009-0037)\n- fix leak in curl_easy* functions, thanks to Kamil Dudka\n- drop nss-proxy, sslgen, nss-init patches\n- update badsocket patch\n* Sun Dec 14 2008 Jindrich Novy 7.18.2-7\n- use improved NSS patch, thanks to Rob Crittenden (#472489)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update curl' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2265\";\ntag_summary = \"The remote host is missing an update to curl\nannounced via advisory FEDORA-2009-2265.\";\n\n\n\nif(description)\n{\n script_id(63495);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 9 FEDORA-2009-2265 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=485271\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.19.4~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcurl\", rpm:\"libcurl~7.19.4~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcurl-devel\", rpm:\"libcurl-devel~7.19.4~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-debuginfo\", rpm:\"curl-debuginfo~7.19.4~1.fc9\", rls:\"FC9\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2017-07-25T10:56:44", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing an update to curl\nannounced via advisory FEDORA-2009-2247.", "modified": "2017-07-10T00:00:00", "published": "2009-03-07T00:00:00", "id": "OPENVAS:63494", "href": "http://plugins.openvas.org/nasl.php?oid=63494", "type": "openvas", "title": "Fedora Core 10 FEDORA-2009-2247 (curl)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: fcore_2009_2247.nasl 6624 2017-07-10 06:11:55Z cfischer $\n# Description: Auto-generated from advisory FEDORA-2009-2247 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Update Information:\n\nUpdate to curl-7.19.4 fixes CVE-2009-0037.\n\nChangeLog:\n\n* Tue Mar 3 2009 Jindrich Novy 7.19.4-1\n- update to 7.19.4 (fixes CVE-2009-0037)\n- fix leak in curl_easy* functions, thanks to Kamil Dudka\n- drop nss-proxy, sslgen, nss-init patches\n- update badsocket patch\n* Mon Dec 15 2008 Jindrich Novy 7.18.2-9\n- release++ because of tag conflict caused by f10/rawhide branch split\n* Sun Dec 14 2008 Jindrich Novy 7.18.2-8\n- use improved NSS patch, thanks to Rob Crittenden (#472489)\";\ntag_solution = \"Apply the appropriate updates.\n\nThis update can be installed with the yum update program. Use \nsu -c 'yum update curl' at the command line.\nFor more information, refer to Managing Software with yum,\navailable at http://docs.fedoraproject.org/yum/.\n\nhttps://secure1.securityspace.com/smysecure/catid.html?in=FEDORA-2009-2247\";\ntag_summary = \"The remote host is missing an update to curl\nannounced via advisory FEDORA-2009-2247.\";\n\n\n\nif(description)\n{\n script_id(63494);\n script_version(\"$Revision: 6624 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-10 08:11:55 +0200 (Mon, 10 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-07 21:47:03 +0100 (Sat, 07 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"Fedora Core 10 FEDORA-2009-2247 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_xref(name : \"URL\" , value : \"https://bugzilla.redhat.com/show_bug.cgi?id=485271\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcurl\", rpm:\"libcurl~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"libcurl-devel\", rpm:\"libcurl-devel~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-debuginfo\", rpm:\"curl-debuginfo~7.19.4~1.fc10\", rls:\"FC10\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}, {"lastseen": "2018-04-06T11:38:04", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "description": "The remote host is missing updates to curl announced in\nadvisory CESA-2009:0341.", "modified": "2018-04-06T00:00:00", "published": "2009-03-31T00:00:00", "id": "OPENVAS:136141256231063706", "href": "http://plugins.openvas.org/nasl.php?oid=136141256231063706", "type": "openvas", "title": "CentOS Security Advisory CESA-2009:0341 (curl)", "sourceData": "#CESA-2009:0341 63706 8\n# $Id: ovcesa2009_0341.nasl 9350 2018-04-06 07:03:33Z cfischer $\n# Description: Auto-generated from advisory CESA-2009:0341 (curl)\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# or at your option, GNU General Public License version 3,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"For details on the issues addressed in this update,\nplease visit the referenced security advisories.\";\ntag_solution = \"Update the appropriate packages on your system.\n\nhttp://www.securityspace.com/smysecure/catid.html?in=CESA-2009:0341\nhttp://www.securityspace.com/smysecure/catid.html?in=RHSA-2009:0341\nhttps://rhn.redhat.com/errata/RHSA-2009-0341.html\";\ntag_summary = \"The remote host is missing updates to curl announced in\nadvisory CESA-2009:0341.\";\n\n\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.63706\");\n script_version(\"$Revision: 9350 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2018-04-06 09:03:33 +0200 (Fri, 06 Apr 2018) $\");\n script_tag(name:\"creation_date\", value:\"2009-03-31 19:20:21 +0200 (Tue, 31 Mar 2009)\");\n script_cve_id(\"CVE-2009-0037\");\n script_tag(name:\"cvss_base\", value:\"6.8\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_name(\"CentOS Security Advisory CESA-2009:0341 (curl)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2009 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"CentOS Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/centos\", \"ssh/login/rpms\");\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-rpm.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.10.6~9.rhel3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-devel\", rpm:\"curl-devel~7.10.6~9.rhel3\", rls:\"CentOS3\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl\", rpm:\"curl~7.12.1~11.1.el4_7.1\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\nif ((res = isrpmvuln(pkg:\"curl-devel\", rpm:\"curl-devel~7.12.1~11.1.el4_7.1\", rls:\"CentOS4\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "nessus": [{"lastseen": "2021-01-12T10:07:08", "description": "Update to curl-7.19.4 fixes CVE-2009-0037.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2009-04-23T00:00:00", "title": "Fedora 10 : curl-7.19.4-1.fc10 (2009-2247)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-04-23T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:10", "p-cpe:/a:fedoraproject:fedora:curl"], "id": "FEDORA_2009-2247.NASL", "href": "https://www.tenable.com/plugins/nessus/36748", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-2247.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(36748);\n script_version(\"1.16\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_xref(name:\"FEDORA\", value:\"2009-2247\");\n\n script_name(english:\"Fedora 10 : curl-7.19.4-1.fc10 (2009-2247)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to curl-7.19.4 fixes CVE-2009-0037.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=485271\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-March/020988.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c40b5012\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:10\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/04/23\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^10([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 10.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC10\", reference:\"curl-7.19.4-1.fc10\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:04:15", "description": "Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.", "edition": 21, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : curl (curl-530)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-07-21T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.1", "p-cpe:/a:novell:opensuse:libcurl4", "p-cpe:/a:novell:opensuse:libcurl-devel", "p-cpe:/a:novell:opensuse:curl", "p-cpe:/a:novell:opensuse:libcurl4-32bit"], "id": "SUSE_11_1_CURL-090217.NASL", "href": "https://www.tenable.com/plugins/nessus/40208", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update curl-530.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(40208);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0037\");\n\n script_name(english:\"openSUSE Security Update : curl (curl-530)\");\n script_summary(english:\"Check for the curl-530 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=475103\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.1)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.1\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.1\", reference:\"curl-7.19.0-11.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libcurl-devel-7.19.0-11.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", reference:\"libcurl4-7.19.0-11.2.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.1\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.19.0-11.2.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:43:28", "description": "Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.", "edition": 21, "published": "2009-03-03T00:00:00", "title": "openSUSE 10 Security Update : curl (curl-6004)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-03-03T00:00:00", "cpe": ["cpe:/o:novell:opensuse:10.3", "p-cpe:/a:novell:opensuse:libcurl4", "p-cpe:/a:novell:opensuse:libcurl-devel", "p-cpe:/a:novell:opensuse:curl-ca-bundle", "p-cpe:/a:novell:opensuse:curl", "p-cpe:/a:novell:opensuse:libcurl4-32bit"], "id": "SUSE_CURL-6004.NASL", "href": "https://www.tenable.com/plugins/nessus/35758", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update curl-6004.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35758);\n script_version(\"1.9\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0037\");\n\n script_name(english:\"openSUSE 10 Security Update : curl (curl-6004)\");\n script_summary(english:\"Check for the curl-6004 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl-ca-bundle\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:10.3\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/03\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE10\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"10.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE10.3\", reference:\"curl-7.16.4-16.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"curl-ca-bundle-7.16.4-16.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libcurl-devel-7.16.4-16.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", reference:\"libcurl4-7.16.4-16.4\") ) flag++;\nif ( rpm_check(release:\"SUSE10.3\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.16.4-16.4\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-12T10:07:08", "description": "Update to curl-7.19.4 fixes CVE-2009-0037.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 24, "published": "2009-03-06T00:00:00", "title": "Fedora 9 : curl-7.19.4-1.fc9 (2009-2265)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-03-06T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:9", "p-cpe:/a:fedoraproject:fedora:curl"], "id": "FEDORA_2009-2265.NASL", "href": "https://www.tenable.com/plugins/nessus/35782", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory 2009-2265.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35782);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/11\");\n\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_xref(name:\"FEDORA\", value:\"2009-2265\");\n\n script_name(english:\"Fedora 9 : curl-7.19.4-1.fc9 (2009-2265)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Update to curl-7.19.4 fixes CVE-2009-0037.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.redhat.com/show_bug.cgi?id=485271\"\n );\n # https://lists.fedoraproject.org/pipermail/package-announce/2009-March/020989.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?b914331b\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:9\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/03\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/06\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = eregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! ereg(pattern:\"^9([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 9.x\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"FC9\", reference:\"curl-7.19.4-1.fc9\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T13:06:34", "description": "Updated curl packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and\nDict servers, using any of the supported protocols. cURL is designed\nto work without user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it\nunderstood, including the 'file://' URL type. This could allow a\nremote server to force a local libcurl-using application to read a\nlocal file instead of the remote one, possibly exposing local files\nthat were not meant to be exposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects\nto 'file://' protocol must now explicitly call curl_easy_setopt(3) and\nset the newly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications\nusing libcurl must be restarted for the update to take effect.", "edition": 28, "published": "2009-03-20T00:00:00", "title": "RHEL 2.1 / 3 / 4 / 5 : curl (RHSA-2009:0341)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-03-20T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:3", "cpe:/o:redhat:enterprise_linux:4", "cpe:/o:redhat:enterprise_linux:2.1", "cpe:/o:redhat:enterprise_linux:5", "cpe:/o:redhat:enterprise_linux:5.3", "p-cpe:/a:redhat:enterprise_linux:curl", "cpe:/o:redhat:enterprise_linux:4.7", "p-cpe:/a:redhat:enterprise_linux:curl-devel"], "id": "REDHAT-RHSA-2009-0341.NASL", "href": "https://www.tenable.com/plugins/nessus/35971", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0341. The text \n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35971);\n script_version(\"1.27\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_xref(name:\"RHSA\", value:\"2009:0341\");\n\n script_name(english:\"RHEL 2.1 / 3 / 4 / 5 : curl (RHSA-2009:0341)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Red Hat host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated curl packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and\nDict servers, using any of the supported protocols. cURL is designed\nto work without user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it\nunderstood, including the 'file://' URL type. This could allow a\nremote server to force a local libcurl-using application to read a\nlocal file instead of the remote one, possibly exposing local files\nthat were not meant to be exposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects\nto 'file://' protocol must now explicitly call curl_easy_setopt(3) and\nset the newly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications\nusing libcurl must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/security/cve/cve-2009-0037\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://access.redhat.com/errata/RHSA-2009:0341\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected curl and / or curl-devel packages.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:curl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:2.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:4.7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:5.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Red Hat\" >!< release) audit(AUDIT_OS_NOT, \"Red Hat\");\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Red Hat\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(2\\.1|3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Red Hat 2.1 / 3.x / 4.x / 5.x\", \"Red Hat \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"s390\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Red Hat\", cpu);\n\nyum_updateinfo = get_kb_item(\"Host/RedHat/yum-updateinfo\");\nif (!empty_or_null(yum_updateinfo)) \n{\n rhsa = \"RHSA-2009:0341\";\n yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);\n if (!empty_or_null(yum_report))\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : yum_report \n );\n exit(0);\n }\n else\n {\n audit_message = \"affected by Red Hat security advisory \" + rhsa;\n audit(AUDIT_OS_NOT, audit_message);\n }\n}\nelse\n{\n flag = 0;\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"curl-7.8-3.rhel2\")) flag++;\n\n if (rpm_check(release:\"RHEL2.1\", cpu:\"i386\", reference:\"curl-devel-7.8-3.rhel2\")) flag++;\n\n\n if (rpm_check(release:\"RHEL3\", reference:\"curl-7.10.6-9.rhel3\")) flag++;\n\n if (rpm_check(release:\"RHEL3\", reference:\"curl-devel-7.10.6-9.rhel3\")) flag++;\n\n\n if (rpm_check(release:\"RHEL4\", reference:\"curl-7.12.1-11.1.el4_7.1\")) flag++;\n\n if (rpm_check(release:\"RHEL4\", reference:\"curl-devel-7.12.1-11.1.el4_7.1\")) flag++;\n\n\n if (rpm_check(release:\"RHEL5\", reference:\"curl-7.15.5-2.1.el5_3.4\")) flag++;\n\n if (rpm_check(release:\"RHEL5\", reference:\"curl-devel-7.15.5-2.1.el5_3.4\")) flag++;\n\n\n if (flag)\n {\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n }\n else\n {\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / curl-devel\");\n }\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T09:10:25", "description": "New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, and -current to fix a security issue.", "edition": 24, "published": "2009-03-11T00:00:00", "title": "Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 9.1 / current : curl (SSA:2009-069-01)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-03-11T00:00:00", "cpe": ["cpe:/o:slackware:slackware_linux:12.0", "cpe:/o:slackware:slackware_linux:12.2", "cpe:/o:slackware:slackware_linux:9.1", "cpe:/o:slackware:slackware_linux:10.1", "cpe:/o:slackware:slackware_linux:10.0", "cpe:/o:slackware:slackware_linux:11.0", "cpe:/o:slackware:slackware_linux", "cpe:/o:slackware:slackware_linux:10.2", "cpe:/o:slackware:slackware_linux:12.1", "p-cpe:/a:slackware:slackware_linux:curl"], "id": "SLACKWARE_SSA_2009-069-01.NASL", "href": "https://www.tenable.com/plugins/nessus/35825", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Slackware Security Advisory 2009-069-01. The text \n# itself is copyright (C) Slackware Linux, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35825);\n script_version(\"1.15\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_xref(name:\"SSA\", value:\"2009-069-01\");\n\n script_name(english:\"Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 9.1 / current : curl (SSA:2009-069-01)\");\n script_summary(english:\"Checks for updated package in /var/log/packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Slackware host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"New curl packages are available for Slackware 9.1, 10.0, 10.1, 10.2,\n11.0, 12.0, 12.1, 12.2, and -current to fix a security issue.\"\n );\n # http://www.slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.476602\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?afd58558\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:slackware:slackware_linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:10.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:11.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.1\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:12.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:slackware:slackware_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/10\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Slackware Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Slackware/release\", \"Host/Slackware/packages\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"slackware.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Slackware/release\")) audit(AUDIT_OS_NOT, \"Slackware\");\nif (!get_kb_item(\"Host/Slackware/packages\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Slackware\", cpu);\n\n\nflag = 0;\nif (slackware_check(osver:\"9.1\", pkgname:\"curl\", pkgver:\"7.10.7\", pkgarch:\"i486\", pkgnum:\"3_slack9.1\")) flag++;\n\nif (slackware_check(osver:\"10.0\", pkgname:\"curl\", pkgver:\"7.12.2\", pkgarch:\"i486\", pkgnum:\"3_slack10.0\")) flag++;\n\nif (slackware_check(osver:\"10.1\", pkgname:\"curl\", pkgver:\"7.12.2\", pkgarch:\"i486\", pkgnum:\"3_slack10.1\")) flag++;\n\nif (slackware_check(osver:\"10.2\", pkgname:\"curl\", pkgver:\"7.12.2\", pkgarch:\"i486\", pkgnum:\"3_slack10.2\")) flag++;\n\nif (slackware_check(osver:\"11.0\", pkgname:\"curl\", pkgver:\"7.15.5\", pkgarch:\"i486\", pkgnum:\"2_slack11.0\")) flag++;\n\nif (slackware_check(osver:\"12.0\", pkgname:\"curl\", pkgver:\"7.16.2\", pkgarch:\"i486\", pkgnum:\"2_slack12.0\")) flag++;\n\nif (slackware_check(osver:\"12.1\", pkgname:\"curl\", pkgver:\"7.16.2\", pkgarch:\"i486\", pkgnum:\"2_slack12.1\")) flag++;\n\nif (slackware_check(osver:\"12.2\", pkgname:\"curl\", pkgver:\"7.19.4\", pkgarch:\"i486\", pkgnum:\"1_slack12.2\")) flag++;\n\nif (slackware_check(osver:\"current\", pkgname:\"curl\", pkgver:\"7.19.4\", pkgarch:\"i486\", pkgnum:\"1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:slackware_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:43:29", "description": "Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.", "edition": 21, "published": "2009-09-24T00:00:00", "title": "SuSE 10 Security Update : curl (ZYPP Patch Number 6015)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-09-24T00:00:00", "cpe": ["cpe:/o:suse:suse_linux"], "id": "SUSE_CURL-6015.NASL", "href": "https://www.tenable.com/plugins/nessus/41496", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The text description of this plugin is (C) Novell, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(41496);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0037\");\n\n script_name(english:\"SuSE 10 Security Update : curl (ZYPP Patch Number 6015)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SuSE 10 host is missing a security-related patch.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://support.novell.com/security/cve/CVE-2009-0037.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Apply ZYPP patch number 6015.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:suse:suse_linux\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/09/24\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) exit(0, \"Local checks are not enabled.\");\nif (!get_kb_item(\"Host/SuSE/release\")) exit(0, \"The host is not running SuSE.\");\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) exit(1, \"Could not obtain the list of installed packages.\");\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) exit(1, \"Failed to determine the architecture type.\");\nif (cpu >!< \"x86_64\" && cpu !~ \"^i[3-6]86$\") exit(1, \"Local checks for SuSE 10 on the '\"+cpu+\"' architecture have not been implemented.\");\n\n\nflag = 0;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"curl-7.15.1-19.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, reference:\"curl-devel-7.15.1-19.11\")) flag++;\nif (rpm_check(release:\"SLED10\", sp:2, cpu:\"x86_64\", reference:\"curl-32bit-7.15.1-19.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"curl-7.15.1-19.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, reference:\"curl-devel-7.15.1-19.11\")) flag++;\nif (rpm_check(release:\"SLES10\", sp:2, cpu:\"x86_64\", reference:\"curl-32bit-7.15.1-19.11\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse exit(0, \"The host is not affected.\");\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-06T09:25:34", "description": "Updated curl packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and\nDict servers, using any of the supported protocols. cURL is designed\nto work without user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it\nunderstood, including the 'file://' URL type. This could allow a\nremote server to force a local libcurl-using application to read a\nlocal file instead of the remote one, possibly exposing local files\nthat were not meant to be exposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects\nto 'file://' protocol must now explicitly call curl_easy_setopt(3) and\nset the newly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications\nusing libcurl must be restarted for the update to take effect.", "edition": 27, "published": "2009-03-20T00:00:00", "title": "CentOS 3 / 4 : curl (CESA-2009:0341)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-03-20T00:00:00", "cpe": ["cpe:/o:centos:centos:4", "p-cpe:/a:centos:centos:curl-devel", "p-cpe:/a:centos:centos:curl", "cpe:/o:centos:centos:3"], "id": "CENTOS_RHSA-2009-0341.NASL", "href": "https://www.tenable.com/plugins/nessus/35965", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Red Hat Security Advisory RHSA-2009:0341 and \n# CentOS Errata and Security Advisory 2009:0341 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(35965);\n script_version(\"1.17\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_xref(name:\"RHSA\", value:\"2009:0341\");\n\n script_name(english:\"CentOS 3 / 4 : curl (CESA-2009:0341)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote CentOS host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Updated curl packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and\nDict servers, using any of the supported protocols. cURL is designed\nto work without user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it\nunderstood, including the 'file://' URL type. This could allow a\nremote server to force a local libcurl-using application to read a\nlocal file instead of the remote one, possibly exposing local files\nthat were not meant to be exposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects\nto 'file://' protocol must now explicitly call curl_easy_setopt(3) and\nset the newly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications\nusing libcurl must be restarted for the update to take effect.\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015808.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?5ddd7637\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-April/015809.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?4eac47f0\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015686.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0bb8f8ab\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015687.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?8800b2fd\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015694.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?1ad3affc\"\n );\n # https://lists.centos.org/pipermail/centos-announce/2009-March/015695.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?317149f3\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:centos:centos:curl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:centos:centos:4\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/04/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/03/20\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"CentOS Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/CentOS/release\", \"Host/CentOS/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/CentOS/release\");\nif (isnull(release) || \"CentOS\" >!< release) audit(AUDIT_OS_NOT, \"CentOS\");\nos_ver = pregmatch(pattern: \"CentOS(?: Linux)? release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"CentOS\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"CentOS 3.x / 4.x\", \"CentOS \" + os_ver);\n\nif (!get_kb_item(\"Host/CentOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"CentOS\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"CentOS-3\", reference:\"curl-7.10.6-9.rhel3\")) flag++;\nif (rpm_check(release:\"CentOS-3\", reference:\"curl-devel-7.10.6-9.rhel3\")) flag++;\n\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"curl-7.12.1-11.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"curl-7.12.1-11.1.c4.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"curl-7.12.1-11.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"i386\", reference:\"curl-devel-7.12.1-11.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"ia64\", reference:\"curl-devel-7.12.1-11.1.c4.1\")) flag++;\nif (rpm_check(release:\"CentOS-4\", cpu:\"x86_64\", reference:\"curl-devel-7.12.1-11.1.el4_7.1\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / curl-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T14:03:07", "description": "Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.", "edition": 21, "published": "2009-07-21T00:00:00", "title": "openSUSE Security Update : curl (curl-530)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2009-07-21T00:00:00", "cpe": ["cpe:/o:novell:opensuse:11.0", "p-cpe:/a:novell:opensuse:libcurl4", "p-cpe:/a:novell:opensuse:libcurl-devel", "p-cpe:/a:novell:opensuse:curl", "p-cpe:/a:novell:opensuse:libcurl4-32bit"], "id": "SUSE_11_0_CURL-090217.NASL", "href": "https://www.tenable.com/plugins/nessus/39945", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update curl-530.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(39945);\n script_version(\"1.11\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0037\");\n\n script_name(english:\"openSUSE Security Update : curl (curl-530)\");\n script_summary(english:\"Check for the curl-530 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Arbitrary file access via HTTP-redirect has been fixed in curl.\nCVE-2009-0037 has been assigned to this issue.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.novell.com/show_bug.cgi?id=475103\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:libcurl4-32bit\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:11.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/02/17\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2009/07/21\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2009-2021 Tenable Network Security, Inc.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE11\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"11.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE11.0\", reference:\"curl-7.18.1-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libcurl-devel-7.18.1-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", reference:\"libcurl4-7.18.1-18.2\") ) flag++;\nif ( rpm_check(release:\"SUSE11.0\", cpu:\"x86_64\", reference:\"libcurl4-32bit-7.18.1-18.2\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-17T12:44:24", "description": "From Red Hat Security Advisory 2009:0341 :\n\nUpdated curl packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and\nDict servers, using any of the supported protocols. cURL is designed\nto work without user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it\nunderstood, including the 'file://' URL type. This could allow a\nremote server to force a local libcurl-using application to read a\nlocal file instead of the remote one, possibly exposing local files\nthat were not meant to be exposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects\nto 'file://' protocol must now explicitly call curl_easy_setopt(3) and\nset the newly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications\nusing libcurl must be restarted for the update to take effect.", "edition": 25, "published": "2013-07-12T00:00:00", "title": "Oracle Linux 3 / 4 / 5 : curl (ELSA-2009-0341)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2009-0037"], "modified": "2013-07-12T00:00:00", "cpe": ["p-cpe:/a:oracle:linux:curl-devel", "cpe:/o:oracle:linux:5", "p-cpe:/a:oracle:linux:curl", "cpe:/o:oracle:linux:3", "cpe:/o:oracle:linux:4"], "id": "ORACLELINUX_ELSA-2009-0341.NASL", "href": "https://www.tenable.com/plugins/nessus/67821", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2009:0341 and \n# Oracle Linux Security Advisory ELSA-2009-0341 respectively.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(67821);\n script_version(\"1.10\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/14\");\n\n script_cve_id(\"CVE-2009-0037\");\n script_bugtraq_id(33962);\n script_xref(name:\"RHSA\", value:\"2009:0341\");\n\n script_name(english:\"Oracle Linux 3 / 4 / 5 : curl (ELSA-2009-0341)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Oracle Linux host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"From Red Hat Security Advisory 2009:0341 :\n\nUpdated curl packages that fix a security issue are now available for\nRed Hat Enterprise Linux 2.1, 3, 4, and 5.\n\nThis update has been rated as having moderate security impact by the\nRed Hat Security Response Team.\n\ncURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and\nDict servers, using any of the supported protocols. cURL is designed\nto work without user interaction or any kind of interactivity.\n\nDavid Kierznowski discovered a flaw in libcurl where it would not\ndifferentiate between different target URLs when handling automatic\nredirects. This caused libcurl to follow any new URL that it\nunderstood, including the 'file://' URL type. This could allow a\nremote server to force a local libcurl-using application to read a\nlocal file instead of the remote one, possibly exposing local files\nthat were not meant to be exposed. (CVE-2009-0037)\n\nNote: Applications using libcurl that are expected to follow redirects\nto 'file://' protocol must now explicitly call curl_easy_setopt(3) and\nset the newly introduced CURLOPT_REDIR_PROTOCOLS option as required.\n\ncURL users should upgrade to these updated packages, which contain\nbackported patches to correct these issues. All running applications\nusing libcurl must be restarted for the update to take effect.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000919.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000921.html\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://oss.oracle.com/pipermail/el-errata/2009-March/000924.html\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected curl packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:POC/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"Exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"true\");\n script_cwe_id(352);\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:curl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:oracle:linux:curl-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:4\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:oracle:linux:5\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2009/03/04\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2009/03/19\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2013/07/12\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2013-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Oracle Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/OracleLinux\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/OracleLinux\")) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || !pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux)\", string:release)) audit(AUDIT_OS_NOT, \"Oracle Linux\");\nos_ver = pregmatch(pattern: \"Oracle (?:Linux Server|Enterprise Linux) .*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Oracle Linux\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(3|4|5)([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Oracle Linux 3 / 4 / 5\", \"Oracle Linux \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && \"ia64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Oracle Linux\", cpu);\n\nflag = 0;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"curl-7.10.6-9.rhel3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"curl-7.10.6-9.rhel3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"i386\", reference:\"curl-devel-7.10.6-9.rhel3\")) flag++;\nif (rpm_check(release:\"EL3\", cpu:\"x86_64\", reference:\"curl-devel-7.10.6-9.rhel3\")) flag++;\n\nif (rpm_check(release:\"EL4\", reference:\"curl-7.12.1-11.1.el4_7.1\")) flag++;\nif (rpm_check(release:\"EL4\", reference:\"curl-devel-7.12.1-11.1.el4_7.1\")) flag++;\n\nif (rpm_check(release:\"EL5\", reference:\"curl-7.15.5-2.1.el5_3.4\")) flag++;\nif (rpm_check(release:\"EL5\", reference:\"curl-devel-7.15.5-2.1.el5_3.4\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"curl / curl-devel\");\n}\n", "cvss": {"score": 6.8, "vector": "AV:N/AC:M/Au:N/C:P/I:P/A:P"}}], "seebug": [{"lastseen": "2017-11-19T18:56:56", "description": "BUGTRAQ ID: 33962\r\nCVE(CAN) ID: CVE-2009-0037\r\n\r\ncURL\u662f\u547d\u4ee4\u884c\u4f20\u8f93\u6587\u4ef6\u5de5\u5177\uff0c\u652f\u6301FTP\u3001FTPS\u3001HTTP\u3001HTTPS\u3001GOPHER\u3001TELNET\u3001DICT\u3001FILE\u548cLDAP\u3002\r\n\r\n\u8ddf\u968fHTTP Location:\u7684cURL\u4f1a\u91cd\u65b0\u5b9a\u5411\u5230scp:\u6216file:// URL\uff0c\u56e0\u6b64\u5982\u679c\u7528\u6237\u70b9\u51fb\u4e86\u7279\u5236\u7684\u91cd\u65b0\u5b9a\u5411URL\u7684\u8bdd\uff08\u4f8b\u5982libcurl\u5ba2\u6237\u7aef\u8bfb\u53d6RSS\u6e90\uff09\uff0c\u6076\u610f\u7684HTTP\u670d\u52a1\u5668\u5c31\u53ef\u4ee5\u8986\u76d6\u6216\u6cc4\u9732\u4efb\u610f\u672c\u5730\u6587\u4ef6\u7cfb\u7edf\u7684\u5185\u5bb9\uff0c\u6216\u6267\u884c\u4efb\u610f\u547d\u4ee4\u3002\n\nDaniel Stenberg curl 5.11 - 7.19.3\n \u5382\u5546\u8865\u4e01\uff1a\r\n\r\nDaniel Stenberg\r\n---------------\r\n\u76ee\u524d\u5382\u5546\u5df2\u7ecf\u53d1\u5e03\u4e86\u5347\u7ea7\u8865\u4e01\u4ee5\u4fee\u590d\u8fd9\u4e2a\u5b89\u5168\u95ee\u9898\uff0c\u8bf7\u5230\u5382\u5546\u7684\u4e3b\u9875\u4e0b\u8f7d\uff1a\r\n\r\n<a href=http://curl.haxx.se/download/curl-7.19.4.zip target=_blank rel=external nofollow>http://curl.haxx.se/download/curl-7.19.4.zip</a>", "published": "2009-03-05T00:00:00", "title": "cURL/libcURL HTTP Location:\u91cd\u65b0\u5b9a\u5411\u7ed5\u8fc7\u5b89\u5168\u9650\u5236\u6f0f\u6d1e", "type": "seebug", "bulletinFamily": "exploit", "cvelist": ["CVE-2009-0037"], "modified": "2009-03-05T00:00:00", "href": "https://www.seebug.org/vuldb/ssvid-4867", "id": "SSV:4867", "sourceData": "\n <?php\r\n// This is an example of a vulnerable peice of PHP code\r\n// If libcurl uses CURLOPT_FOLLOWLOCATION it could lead\r\n// to arbitrary file access.\r\n// The malicious redirect on withdk.com looks like this\r\n// in .htaccess:\r\n// # for Linux\r\n// redirect 302 /test file:///etc/motd\r\n// # for Win32\r\n// redirect 302 /test file:///c:\\boot.ini\r\n// print_r ( curl_version() );\r\n$c = new cc;\r\n$c->fetch('http://withdk.com/malicious-redirect');\r\nclass cc {\r\nfunction fetch($url) {\r\n$ch = curl_init();\r\ncurl_setopt($ch, CURLOPT_HEADER, 1);\r\ncurl_setopt($ch, CURLOPT_FOLLOWLOCATION, 1);\r\ncurl_setopt($ch, CURLOPT_URL, $url);\r\n$result1 = curl_exec($ch);\r\necho $result1;\r\ncurl_close($ch);\r\n}\r\n}\r\n?>\r\n\n ", "cvss": {"score": 6.8, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://www.seebug.org/vuldb/ssvid-4867"}], "vmware": [{"lastseen": "2019-11-06T16:05:49", "bulletinFamily": "unix", "cvelist": ["CVE-2009-1185", "CVE-2009-0034", "CVE-2009-0037"], "description": "a. Service Console package udev \nA vulnerability in the udev program did not verify whether a NETLINK \nmessage originates from kernel space, which allows local users to \ngain privileges by sending a NETLINK message from user space. \nThe Common Vulnerabilities and Exposures Project (cve.mitre.org) \nhas assigned the name CVE-2009-1185 to this issue. \nPlease see <http://kb.vmware.com/kb/1011786> for details. \nThe following table lists what action remediates the vulnerability \n(column 4) if a solution is available. \n\n", "edition": 4, "modified": "2009-07-10T00:00:00", "published": "2009-07-10T00:00:00", "id": "VMSA-2009-0009", "href": "https://www.vmware.com/security/advisories/VMSA-2009-0009.html", "title": "ESX Service Console updates for udev, sudo, and curl", "type": "vmware", "cvss": {"score": 7.2, "vector": "AV:L/AC:L/Au:N/C:C/I:C/A:C"}}], "threatpost": [{"lastseen": "2018-10-06T23:08:12", "bulletinFamily": "info", "cvelist": ["CVE-2003-0063", "CVE-2006-1329", "CVE-2008-0564", "CVE-2008-0888", "CVE-2008-2712", "CVE-2008-4101", "CVE-2008-4456", "CVE-2008-5302", "CVE-2008-5303", "CVE-2008-5515", "CVE-2008-7247", "CVE-2009-0033", "CVE-2009-0037", "CVE-2009-0316", "CVE-2009-0580", "CVE-2009-0688", "CVE-2009-0689", "CVE-2009-0781", "CVE-2009-0783", "CVE-2009-1904", "CVE-2009-2042", "CVE-2009-2417", "CVE-2009-2422", "CVE-2009-2446", "CVE-2009-2632", "CVE-2009-2693", "CVE-2009-2801", "CVE-2009-2901", "CVE-2009-2902", "CVE-2009-2906", "CVE-2009-3009", "CVE-2009-3095", "CVE-2009-3557", "CVE-2009-3558", "CVE-2009-3559", "CVE-2009-4017", "CVE-2009-4019", "CVE-2009-4030", "CVE-2009-4142", "CVE-2009-4143", "CVE-2009-4214", "CVE-2010-0041", "CVE-2010-0042", "CVE-2010-0043", "CVE-2010-0055", "CVE-2010-0056", "CVE-2010-0057", "CVE-2010-0058", "CVE-2010-0059", "CVE-2010-0060", "CVE-2010-0062", "CVE-2010-0063", "CVE-2010-0064", "CVE-2010-0065", "CVE-2010-0393", "CVE-2010-0497", "CVE-2010-0498", "CVE-2010-0500", "CVE-2010-0501", "CVE-2010-0502", "CVE-2010-0503", "CVE-2010-0504", "CVE-2010-0505", "CVE-2010-0506", "CVE-2010-0507", "CVE-2010-0508", "CVE-2010-0509", "CVE-2010-0510", "CVE-2010-0511", "CVE-2010-0512", "CVE-2010-0513", "CVE-2010-0514", "CVE-2010-0515", "CVE-2010-0516", "CVE-2010-0517", "CVE-2010-0518", "CVE-2010-0519", "CVE-2010-0520", "CVE-2010-0521", "CVE-2010-0522", "CVE-2010-0523", "CVE-2010-0524", "CVE-2010-0525", "CVE-2010-0526", "CVE-2010-0533", "CVE-2010-0534", "CVE-2010-0535", "CVE-2010-0537"], "description": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities\n\nApple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping with fixes for 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 is now available and\n\naddresses the following:\n\nAppKit\n\nCVE-ID: CVE-2010-0056\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Spell checking a maliciously crafted document may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the spell checking feature\n\nused by Cocoa applications. Spell checking a maliciously crafted\n\ndocument may lead to an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nApplication Firewall\n\nCVE-ID: CVE-2009-2801\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Certain rules in the Application Firewall may become\n\ninactive after restart\n\nDescription: A timing issue in the Application Firewall may cause\n\ncertain rules to become inactive after reboot. The issue is addressed\n\nthrough improved handling of Firewall rules. This issue does not\n\naffect Mac OS X v10.6 systems. Credit to Michael Kisor of\n\nOrganicOrb.com for reporting this issue.\n\nAFP Server\n\nCVE-ID: CVE-2010-0057\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: When guest access is disabled, a remote user may be able to\n\nmount AFP shares as a guest\n\nDescription: An access control issue in AFP Server may allow a\n\nremote user to mount AFP shares as a guest, even if guest access is\n\ndisabled. This issue is addressed through improved access control\n\nchecks. Credit: Apple.\n\nAFP Server\n\nCVE-ID: CVE-2010-0533\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote user with guest access to an AFP share may access\n\nthe contents of world-readable files outside the Public share\n\nDescription: A directory traversal issue exists in the path\n\nvalidation for AFP shares. A remote user may enumerate the parent\n\ndirectory of the share root, and read or write files within that\n\ndirectory that are accessible to the \u2018nobody\u2019 user. This issue is\n\naddressed through improved handling of file paths. Credit to Patrik\n\nKarlsson of cqure.net for reporting this issue.\n\nApache\n\nCVE-ID: CVE-2009-3095\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to bypass access control\n\nrestrictions\n\nDescription: An input validation issue exists in Apache\u2019s handling\n\nof proxied FTP requests. A remote attacker with the ability to issue\n\nrequests through the proxy may be able to bypass access control\n\nrestrictions specified in the Apache configuration. This issue is\n\naddressed by updating Apache to version 2.2.14.\n\nClamAV\n\nCVE-ID: CVE-2010-0058\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: ClamAV virus definitions may not receive updates\n\nDescription: A configuration issue introduced in Security Update\n\n2009-005 prevents freshclam from running. This may prevent virus\n\ndefinitions from being updated. This issue is addressed by updating\n\nfreshclam\u2019s launchd plist ProgramArguments key values. This issue\n\ndoes not affect Mac OS X v10.6 systems. Credit to Bayard Bell, Wil\n\nShipley of Delicious Monster, and David Ferrero of Zion Software, LLC\n\nfor reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0059\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDM2 encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreAudio\n\nCVE-ID: CVE-2010-0060\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Playing maliciously crafted audio content may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nQDMC encoded audio content. Playing maliciously crafted audio content\n\nmay lead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nCoreMedia\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in CoreMedia\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nCoreTypes\n\nCVE-ID: CVE-2010-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Users are not warned before opening certain potentially\n\nunsafe content types\n\nDescription: This update adds .ibplugin and .url to the system\u2019s\n\nlist of content types that will be flagged as potentially unsafe\n\nunder certain circumstances, such as when they are downloaded from a\n\nweb page. While these content types are not automatically launched,\n\nif manually opened they could lead to the execution of a malicious\n\nJavaScript payload or arbitrary code execution. This update improves\n\nthe system\u2019s ability to notify users before handling content types\n\nused by Safari. Credit to Clint Ruoho of Laconic Security for\n\nreporting this issue.\n\nCUPS\n\nCVE-ID: CVE-2010-0393\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain system privileges\n\nDescription: A format string issue exists in the lppasswd CUPS\n\nutility. This may allow a local user to obtain system privileges. Mac\n\nOS X v10.6 systems are only affected if the setuid bit has been set\n\non the binary. This issue is addressed by using default directories\n\nwhen running as a setuid process. Credit to Ronald Volgers for\n\nreporting this issue.\n\ncurl\n\nCVE-ID: CVE-2009-2417\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A man-in-the-middle attacker may be able to impersonate a\n\ntrusted server\n\nDescription: A canonicalization issue exists in curl\u2019s handling of\n\nNULL characters in the subject\u2019s Common Name (CN) field of X.509\n\ncertificates. This may lead to man-in-the-middle attacks against\n\nusers of the curl command line tool, or applications using libcurl.\n\nThis issue is addressed through improved handling of NULL characters.\n\ncurl\n\nCVE-ID: CVE-2009-0037\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Using curl with -L may allow a remote attacker to read or\n\nwrite local files\n\nDescription: curl will follow HTTP and HTTPS redirects when used\n\nwith the -L option. When curl follows a redirect, it allows file://\n\nURLs. This may allow a remote attacker to access local files. This\n\nissue is addressed through improved validation of redirects. This\n\nissue does not affect Mac OS X v10.6 systems. Credit to Daniel\n\nStenberg of Haxx AB for reporting this issue.\n\nCyrus IMAP\n\nCVE-ID: CVE-2009-2632\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A local user may be able to obtain the privileges of the\n\nCyrus user\n\nDescription: A buffer overflow exists in the handling of sieve\n\nscripts. By running a maliciously crafted sieve script, a local user\n\nmay be able to obtain the privileges of the Cyrus user. This issue is\n\naddressed through improved bounds checking. This issue does not\n\naffect Mac OS X v10.6 systems.\n\nCyrus SASL\n\nCVE-ID: CVE-2009-0688\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: An unauthenticated remote attacker may cause unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the Cyrus SASL\n\nauthentication module. Using Cyrus SASL authentication may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0064\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Items copied in the Finder may be assigned an unexpected\n\nfile owner\n\nDescription: When performing an authenticated copy in the Finder,\n\noriginal file ownership may be unexpectedly copied. This update\n\naddresses the issue by ensuring that copied files are owned by the\n\nuser performing the copy. This issue does not affect systems prior to\n\nMac OS X v10.6. Credit to Gerrit DeWitt of Auburn University (Auburn,\n\nAL) for reporting this issue.\n\nDesktopServices\n\nCVE-ID: CVE-2010-0537\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may gain access to user data via a multi-\n\nstage attack\n\nDescription: A path resolution issue in DesktopServices is\n\nvulnerable to a multi-stage attack. A remote attacker must first\n\nentice the user to mount an arbitrarily named share, which may be\n\ndone via a URL scheme. When saving a file using the default save\n\npanel in any application, and using \u201cGo to folder\u201d or dragging\n\nfolders to the save panel, the data may be unexpectedly saved to the\n\nmalicious share. This issue is addressed through improved path\n\nresolution. This issue does not affect systems prior to Mac OS X\n\nv10.6. Credit to Sidney San Martin working with DeepTech, Inc. for\n\nreporting this issue.\n\nDisk Images\n\nCVE-ID: CVE-2010-0065\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nbzip2 compressed disk images. Mounting a maliciously crafted disk\n\nimage may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed through improved bounds\n\nchecking. Credit: Apple.\n\nDisk Images\n\nCVE-ID: CVE-2010-0497\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mounting a maliciously crafted disk image may lead to\n\narbitrary code execution\n\nDescription: A design issue exists in the handling of internet\n\nenabled disk images. Mounting an internet enabled disk image\n\ncontaining a package file type will open it rather than revealing it\n\nin the Finder. This file quarantine feature helps to mitigate this\n\nissue by providing a warning dialog for unsafe file types. This issue\n\nis addressed through improved handling of package file types on\n\ninternet enabled disk images. Credit to Brian Mastenbrook working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nDirectory Services\n\nCVE-ID: CVE-2010-0498\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may obtain system privileges\n\nDescription: An authorization issue in Directory Services\u2019 handling\n\nof record names may allow a local user to obtain system privileges.\n\nThis issue is addressed through improved authorization checks.\n\nCredit: Apple.\n\nDovecot\n\nCVE-ID: CVE-2010-0535\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to send and receive mail\n\neven if the user is not on the SACL of users who are permitted to do\n\nso\n\nDescription: An access control issue exists in Dovecot when Kerberos\n\nauthentication is enabled. This may allow an authenticated user to\n\nsend and receive mail even if the user is not on the service access\n\ncontrol list (SACL) of users who are permitted to do so. This issue\n\nis addressed through improved access control checks. This issue does\n\nnot affect systems prior to Mac OS X v10.6.\n\nEvent Monitor\n\nCVE-ID: CVE-2010-0500\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may cause arbitrary systems to be added to\n\nthe firewall blacklist\n\nDescription: A reverse DNS lookup is performed on remote ssh clients\n\nthat fail to authenticate. A plist injection issue exists in the\n\nhandling of resolved DNS names. This may allow a remote attacker to\n\ncause arbitrary systems to be added to the firewall blacklist. This\n\nissue is addressed by properly escaping resolved DNS names. Credit:\n\nApple.\n\nFreeRADIUS\n\nCVE-ID: CVE-2010-0524\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may obtain access to a network via RADIUS\n\nauthentication\n\nDescription: A certificate authentication issue exists in the\n\ndefault Mac OS X configuration of the FreeRADIUS server. A remote\n\nattacker may use EAP-TLS with an arbitrary valid certificate to\n\nauthenticate and connect to a network configured to use FreeRADIUS\n\nfor authentication. This issue is addressed by disabling support for\n\nEAP-TLS in the configuration. RADIUS clients should use EAP-TTLS\n\ninstead. This issue only affects Mac OS X Server systems. Credit to\n\nChris Linstruth of Qnet for reporting this issue.\n\nFTP Server\n\nCVE-ID: CVE-2010-0501\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Users may be able to retrieve files outside the FTP root\n\ndirectory\n\nDescription: A directory traversal issue exists in FTP Server. This\n\nmay allow a user to retrieve files outside the FTP root directory.\n\nThis issue is addressed through improved handling of file names. This\n\nissue only affects Mac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2006-1329\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An implementation issue exists in jabberd\u2019s handling of\n\nSASL negotiation. A remote attacker may be able to terminate the\n\noperation of jabberd. This issue is addressed through improved\n\nhandling of SASL negotiation. This issue only affects Mac OS X Server\n\nsystems.\n\niChat Server\n\nCVE-ID: CVE-2010-0502\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Chat messages may not be logged\n\nDescription: A design issue exists in iChat Server\u2019s support for\n\nconfigurable group chat logging. iChat Server only logs messages with\n\ncertain message types. This may allow a remote user to send a message\n\nthrough the server without it being logged. The issue is addressed by\n\nremoving the capability to disable group chat logs, and logging all\n\nmessages that are sent through the server. This issue only affects\n\nMac OS X Server systems. Credit: Apple.\n\niChat Server\n\nCVE-ID: CVE-2010-0503\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A use-after-free issue exists in iChat Server. An\n\nauthenticated user may be able to cause an unexpected application\n\ntermination or arbitrary code execution. This issue is addressed\n\nthrough improved memory reference tracking. This issue only affects\n\nMac OS X Server systems, and does not affect versions 10.6 or later.\n\niChat Server\n\nCVE-ID: CVE-2010-0504\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: Multiple stack buffer overflow issues exist in iChat\n\nServer. An authenticated user may be able to cause an unexpected\n\napplication termination or arbitrary code execution. These issues are\n\naddressed through improved memory management. These issues only\n\naffect Mac OS X Server systems. Credit: Apple.\n\nImageIO\n\nCVE-ID: CVE-2010-0505\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of JP2\n\nimages. Viewing a maliciously crafted JP2 image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Service, and researcher\n\n\u201c85319bb6e6ab398b334509c50afce5259d42756e\u201d working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0041\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of BMP images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of BMP images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Visiting a maliciously crafted website may result in sending\n\ndata from Safari\u2019s memory to the website\n\nDescription: An uninitialized memory access issue exists in\n\nImageIO\u2019s handling of TIFF images. Visiting a maliciously crafted\n\nwebsite may result in sending data from Safari\u2019s memory to the\n\nwebsite. This issue is addressed through improved memory\n\ninitialization and additional validation of TIFF images. Credit to\n\nMatthew \u2018j00ru\u2019 Jurczyk of Hispasec for reporting this issue.\n\nImageIO\n\nCVE-ID: CVE-2010-0043\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Processing a maliciously crafted TIFF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nTIFF images. Processing a maliciously crafted TIFF image may lead to\n\nan unexpected application termination or arbitrary code execution.\n\nThis issue is addressed through improved memory handling. This issue\n\ndoes not affect systems prior to Mac OS X v10.6. Credit to Gus\n\nMueller of Flying Meat for reporting this issue.\n\nImage RAW\n\nCVE-ID: CVE-2010-0506\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of NEF\n\nimages. Viewing a maliciously crafted NEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. This issue does\n\nnot affect Mac OS X v10.6 systems. Credit: Apple.\n\nImage RAW\n\nCVE-ID: CVE-2010-0507\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A buffer overflow exists in Image RAW\u2019s handling of PEF\n\nimages. Viewing a maliciously crafted PEF image may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed through improved bounds checking. Credit to Chris\n\nRies of Carnegie Mellon University Computing Services for reporting\n\nthis issue.\n\nLibsystem\n\nCVE-ID: CVE-2009-0689\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Applications that convert untrusted data between binary\n\nfloating point and text may be vulnerable to an unexpected\n\napplication termination or arbitrary code execution\n\nDescription: A buffer overflow exists in the floating point binary\n\nto text conversion code within Libsystem. An attacker who can cause\n\nan application to convert a floating point value into a long string,\n\nor to parse a maliciously crafted string as a floating point value,\n\nmay be able to cause an unexpected application termination or\n\narbitrary code execution. This issue is addressed through improved\n\nbounds checking. Credit to Maksymilian Arciemowicz of\n\nSecurityReason.com for reporting this issue.\n\nMail\n\nCVE-ID: CVE-2010-0508\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Rules associated with a deleted mail account remain in\n\neffect\n\nDescription: When a mail account is deleted, user-defined filter\n\nrules associated with that account remain active. This may result in\n\nunexpected actions. This issue is addressed by disabling associated\n\nrules when a mail account is deleted.\n\nMail\n\nCVE-ID: CVE-2010-0525\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Mail may use a weaker encryption key for outgoing email\n\nDescription: A logic issue exists in Mail\u2019s handling of encryption\n\ncertificates. When multiple certificates for the recipient exist in\n\nthe keychain, Mail may select an encryption key that is not intended\n\nfor encipherment. This may lead to a security issue if the chosen key\n\nis weaker than expected. This issue is addressed by ensuring that the\n\nkey usage extension within certificates is evaluated when selecting a\n\nmail encryption key. Credit to Paul Suh of ps Enable, Inc. for\n\nreporting this issue.\n\nMailman\n\nCVE-ID: CVE-2008-0564\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in Mailman 2.1.9\n\nDescription: Multiple cross-site scripting issues exist in Mailman\n\n2.1.9. These issues are addressed by updating Mailman to version\n\n2.1.13. Further information is available via the Mailman site at\n\nhttp://mail.python.org/pipermail/mailman-\n\nannounce/2009-January/000128.html These issues only affect Mac OS X\n\nServer systems, and do not affect versions 10.6 or later.\n\nMySQL\n\nCVE-ID: CVE-2008-4456, CVE-2008-7247, CVE-2009-2446, CVE-2009-4019,\n\nCVE-2009-4030\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in MySQL 5.0.82\n\nDescription: MySQL is updated to version 5.0.88 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitrary code\n\nexecution. These issues only affect Mac OS X Server systems. Further\n\ninformation is available via the MySQL web site at\n\nhttp://dev.mysql.com/doc/refman/5.0/en/news-5-0-88.html\n\nOS Services\n\nCVE-ID: CVE-2010-0509\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A local user may be able to obtain elevated privileges\n\nDescription: A privilege escalation issue exists in SFLServer, as it\n\nruns as group \u2018wheel\u2019 and accesses files in users\u2019 home directories.\n\nThis issue is addressed through improved privilege management. Credit\n\nto Kevin Finisterre of DigitalMunition for reporting this issue.\n\nPassword Server\n\nCVE-ID: CVE-2010-0510\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to log in with an outdated\n\npassword\n\nDescription: An implementation issue in Password Server\u2019s handling\n\nof replication may cause passwords to not be replicated. A remote\n\nattacker may be able to log in to a system using an outdated\n\npassword. This issue is addressed through improved handling of\n\npassword replication. This issue only affects Mac OS X Server\n\nsystems. Credit to Jack Johnson of Anchorage School District for\n\nreporting this issue.\n\nperl\n\nCVE-ID: CVE-2008-5302, CVE-2008-5303\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A local user may cause arbitrary files to be deleted\n\nDescription: Multiple race condition issues exist in the rmtree\n\nfunction of the perl module File::Path. A local user with write\n\naccess to a directory that is being deleted may cause arbitrary files\n\nto be removed with the privileges of the perl process. This issue is\n\naddressed through improved handling of symbolic links. This issue\n\ndoes not affect Mac OS X v10.6 systems.\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4017\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in PHP 5.3.0\n\nDescription: PHP is updated to version 5.3.1 to address multiple\n\nvulnerabilities, the most serious of which may lead to arbitary code\n\nexecution. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPHP\n\nCVE-ID: CVE-2009-3557, CVE-2009-3558, CVE-2009-3559, CVE-2009-4142,\n\nCVE-2009-4143\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in PHP 5.2.11\n\nDescription: PHP is updated to version 5.2.12 to address multiple\n\nvulnerabilities, the most serious of which may lead to cross-site\n\nscripting. Further information is available via the PHP website at\n\nhttp://www.php.net/\n\nPodcast Producer\n\nCVE-ID: CVE-2010-0511\n\nAvailable for: Mac OS X Server v10.6 through v10.6.2\n\nImpact: An unauthorized user may be able to access a Podcast\n\nComposer workflow\n\nDescription: When a Podcast Composer workflow is overwritten, the\n\naccess restrictions are removed. This may allow an unauthorized user\n\nto access a Podcast Composer workflow. This issue is addressed\n\nthrough improved handling of workflow access restrictions. Podcast\n\nComposer was introduced in Mac OS X Server v10.6.\n\nPreferences\n\nCVE-ID: CVE-2010-0512\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A network user may be able to bypass system login\n\nrestrictions\n\nDescription: An implementation issue exists in the handling of\n\nsystem login restrictions for network accounts. If the network\n\naccounts allowed to log in to the system at the Login Window are\n\nidentified by group membership only, the restriction will not be\n\nenforced, and all network users will be allowed to log in to the\n\nsystem. The issue is addressed through improved group restriction\n\nmanagement in the Accounts preference pane. This issue only affects\n\nsystems configured to use a network account server, and does not\n\naffect systems prior to Mac OS X v10.6. Credit to Christopher D.\n\nGrieb of University of Michigan MSIS for reporting this issue.\n\nPS Normalizer\n\nCVE-ID: CVE-2010-0513\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted PostScript file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A stack buffer overflow exists in the handling of\n\nPostScript files. Viewing a maliciously crafted PostScript file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of PostScript files. On Mac OS X v10.6 systems this issue\n\nis mitigated by the -fstack-protector compiler flag. Credit: Apple.\n\nQuickTime\n\nCVE-ID: CVE-2010-0062\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in QuickTime\u2019s handling\n\nof H.263 encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of H.263 encoded movie files. Credit to Damian Put working\n\nwith TippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0514\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of H.261\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of H.261 encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0515\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption in the handling of H.264 encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of H.264\n\nencoded movie files.\n\nQuickTime\n\nCVE-ID: CVE-2010-0516\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of RLE encoded\n\nmovie files. Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution. This\n\nissue is addressed by performing additional validation of RLE encoded\n\nmovie files. Credit to an anonymous researcher working with\n\nTippingPoint\u2019s Zero Day Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0517\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow in the handling of M-JPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of M-JPEG encoded movie files. Credit to Damian Put\n\nworking with TippingPoint\u2019s Zero Day Initiative for reporting this\n\nissue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0518\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A memory corruption issue exists in the handling of\n\nSorenson encoded movie files. Viewing a maliciously crafted movie\n\nfile may lead to an unexpected application termination or arbitrary\n\ncode execution. This issue is addressed by performing additional\n\nvalidation of Sorenson encoded movie files. Credit to Will Dormann of\n\nthe CERT/CC for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0519\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: An integer overflow exists in the handling of FlashPix\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed through improved bounds checking.\n\nCredit to an anonymous researcher working with TippingPoint\u2019s Zero\n\nDay Initiative for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0520\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted movie file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of FLC\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of FLC encoded movie files. Credit to Moritz Jodeit of\n\nn.runs AG, working with TippingPoint\u2019s Zero Day Initiative, and\n\nNicols Joly of VUPEN Security for reporting this issue.\n\nQuickTime\n\nCVE-ID: CVE-2010-0526\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted MPEG file may lead to an\n\nunexpected application termination or arbitrary code execution\n\nDescription: A heap buffer overflow exists in the handling of MPEG\n\nencoded movie files. Viewing a maliciously crafted movie file may\n\nlead to an unexpected application termination or arbitrary code\n\nexecution. This issue is addressed by performing additional\n\nvalidation of MPEG encoded movie files. Credit to an anonymous\n\nresearcher working with TippingPoint\u2019s Zero Day Initiative for\n\nreporting this issue.\n\nRuby\n\nCVE-ID: CVE-2009-2422, CVE-2009-3009, CVE-2009-4214\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple issues in Ruby on Rails\n\nDescription: Multiple vulnerabilities exist in Ruby on Rails, the\n\nmost serious of which may lead to cross-site scripting. On Mac OS X\n\nv10.6 systems, these issues are addressed by updating Ruby on Rails\n\nto version 2.3.5. Mac OS X v10.5 systems are affected only by\n\nCVE-2009-4214, and this issue is addressed through improved\n\nvalidation of arguments to strip_tags.\n\nRuby\n\nCVE-ID: CVE-2009-1904\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Running a Ruby script that uses untrusted input to\n\ninitialize a BigDecimal object may lead to an unexpected application\n\ntermination\n\nDescription: A stack exhaustion issue exists in Ruby\u2019s handling of\n\nBigDecimal objects with very large values. Running a Ruby script that\n\nuses untrusted input to initialize a BigDecimal object may lead to an\n\nunexpected application termination. For Mac OS X v10.6 systems, this\n\nissue is addressed by updating Ruby to version 1.8.7-p173. For Mac OS\n\nv10.5 systems, this issue is addressed by updating Ruby to version\n\n1.8.6-p369.\n\nServer Admin\n\nCVE-ID: CVE-2010-0521\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may extract information from Open\n\nDirectory\n\nDescription: A design issue exists in the handling of authenticated\n\ndirectory binding. A remote attacker may be able to anonymously\n\nextract information from Open Directory, even if the \u201cRequire\n\nauthenticated binding between directory and clients\u201d option is\n\nenabled. The issue is addressed by removing this configuration\n\noption. This issue only affects Mac OS X Server systems. Credit to\n\nScott Gruby of Gruby Solutions, and Mathias Haack of GRAVIS\n\nComputervertriebsgesellschaft mbH for reporting this issue.\n\nServer Admin\n\nCVE-ID: CVE-2010-0522\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: A former administrator may have unauthorized access to\n\nscreen sharing\n\nDescription: A user who is removed from the \u2018admin\u2019 group may still\n\nconnect to the server using screen sharing. This issue is addressed\n\nthrough improved handling of administrator privileges. This issue\n\nonly affects Mac OS X Server systems, and does not affect version\n\n10.6 or later. Credit: Apple.\n\nSMB\n\nCVE-ID: CVE-2009-2906\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: A remote attacker may be able to cause a denial of service\n\nDescription: An infinite loop issue exists in Samba\u2019s handling of\n\nSMB \u2018oplock\u2019 break notifications. A remote attacker may be able to\n\ntrigger an infinite loop in smbd, causing it to consume excessive CPU\n\nresources. The issue is addressed through improved handling of\n\n\u2018oplock\u2019 break notifications.\n\nTomcat\n\nCVE-ID: CVE-2009-0580, CVE-2009-0033, CVE-2009-0783, CVE-2008-5515,\n\nCVE-2009-0781, CVE-2009-2901, CVE-2009-2902, CVE-2009-2693\n\nAvailable for: Mac OS X Server v10.5.8,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: Multiple vulnerabilities in Tomcat 6.0.18\n\nDescription: Tomcat is updated to version 6.0.24 to address multiple\n\nvulnerabilities, the most serious of which may lead to a cross site\n\nscripting attack. Tomcat is only provided on Mac OS X Server systems.\n\nFurther information is available via the Tomcat site at\n\nhttp://tomcat.apache.org/\n\nunzip\n\nCVE-ID: CVE-2008-0888\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Extracting maliciously crafted zip files using the unzip\n\ncommand tool may lead to an unexpected application termination or\n\ncode execution\n\nDescription: An uninitialized pointer issue exists is the handling\n\nof zip files. Extracting maliciously crafted zip files using the\n\nunzip command tool may lead to an unexpected application termination\n\nor arbitrary code execution. This issue is addressed by performing\n\nadditional validation of zip files. This issue does not affect Mac OS\n\nX v10.6 systems.\n\nvim\n\nCVE-ID: CVE-2008-2712, CVE-2008-4101, CVE-2009-0316\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: Multiple vulnerabilities in vim 7.0\n\nDescription: Multiple vulnerabilities exist in vim 7.0, the most\n\nserious of which may lead to arbitrary code execution when working\n\nwith maliciously crafted files. These issues are addressed by\n\nupdating to vim 7.2.102. These issues do not affect Mac OS X v10.6\n\nsystems. Further information is available via the vim website at\n\nhttp://www.vim.org/\n\nWiki Server\n\nCVE-ID: CVE-2010-0523\n\nAvailable for: Mac OS X Server v10.5.8\n\nImpact: Uploading a maliciously crafted applet may lead to the\n\ndisclosure of sensitive information\n\nDescription: Wiki Server allows users to upload active content such\n\nas Java applets. A remote attacker may obtain sensitive information\n\nby uploading a maliciously crafted applet and directing a Wiki Server\n\nuser to view it. The issue is addressed by restricting the file types\n\nthat may be uploaded to the Wiki Server. This issue only affects Mac\n\nOS X Server systems, and does not affect versions 10.6 or later.\n\nWiki Server\n\nCVE-ID: CVE-2010-0534\n\nAvailable for: Mac OS X v10.6 through v10.6.2,\n\nMac OS X Server v10.6 through v10.6.2\n\nImpact: An authenticated user may bypass weblog creation\n\nrestrictions\n\nDescription: Wiki Server supports service access control lists\n\n(SACLs), allowing an administrator to control the publication of\n\ncontent. Wiki Server fails to consult the weblog SACL during the\n\ncreation of a user\u2019s weblog. This may allow an authenticated user to\n\npublish content to the Wiki Server, even though publication should be\n\ndisallowed by the service ACL. This issue does not affect systems\n\nprior to Mac OS X v10.6.\n\nX11\n\nCVE-ID: CVE-2009-2042\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Viewing a maliciously crafted image may lead to the\n\ndisclosure of sensitive information\n\nDescription: libpng is updated to version 1.2.37 to address an issue\n\nthat may result in the disclosure of sensitive information. Further\n\ninformation is available via the libpng site at\n\nhttp://www.libpng.org/pub/png/libpng.html\n\nX11\n\nCVE-ID: CVE-2003-0063\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8,\n\nMac OS X v10.6 through v10.6.2, Mac OS X Server v10.6 through v10.6.2\n\nImpact: Displaying maliciously crafted data within an xterm terminal\n\nmay lead to arbitrary code execution\n\nDescription: The xterm program supports a command sequence to change\n\nthe window title, and to print the window title to the terminal. The\n\ninformation returned is provided to the terminal as though it were\n\nkeyboard input from the user. Within an xterm terminal, displaying\n\nmaliciously crafted data containing such sequences may result in\n\ncommand injection. The issue is addressed by disabling the affected\n\ncommand sequence.\n\nxar\n\nCVE-ID: CVE-2010-0055\n\nAvailable for: Mac OS X v10.5.8, Mac OS X Server v10.5.8\n\nImpact: A modified package may appear as validly signed\n\nDescription: A design issue exists in xar when validating a package\n\nsignature. This may allow a modified package to appear as validly\n\nsigned. This issue is fixed through improved package signature\n\nvalidation. This issue does not affect Mac OS X v10.6 systems.\n\nCredit: Apple.\n\nSecurity Update 2010-002 / Mac OS X v10.6.3 may be obtained from\n\nthe Software Update pane in System Preferences, or Apple\u2019s Software\n\nDownloads web site:\n\nhttp://www.apple.com/support/downloads/\n\n[](<https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/>)Apple today released one of its biggest Mac OS X security updates in recent memory, covering a whopping 88 documented vulnerabilities.\n\nThe Mac OS X v10.6.3 update, which is considered \u201ccritical,\u201d covers flaws that could lead to remote code execution, information disclosure and denial-of-service attacks.\n\nIn some scenarios, a malicious hacker could take complete control of a Mac-powered machine if a user simply views a malicious image or movie file.\n\nThe update covers critical vulnerabilities in AppKit, QuickTime,CoreMedia, CoreTypes, DiskImages, ImageIO and Image RAW.\n\nIt also covers holes in several open-source components, including Apache, ClamAV, MySQL, PHP.\n\nHere\u2019s [the full list](<http://support.apple.com/kb/HT4077>) of the patched vulnerabilities. \n\nThe Security Update 2010-002 / Mac OS X v10.6.3 may be obtained from the Software Update pane in System Preferences, or [Apple\u2019s Software Downloads](<site:http://www.apple.com/support/downloads/>) web page.\n", "modified": "2013-04-17T16:37:25", "published": "2010-03-29T17:15:44", "id": "THREATPOST:4F867C686B7E31697E158FBD04A5DD35", "href": "https://threatpost.com/apple-mega-patch-covers-88-mac-os-x-vulnerabilities-032910/73753/", "type": "threatpost", "title": "Apple Mega Patch Covers 88 Mac OS X Vulnerabilities", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}]}
