curl vulnerability
Global Rank: 253
Totalscore: 87267
Posts: 1636
Thanks: 1338
UpVotes: 886
Registered: 16y 64d
Last Seen: 4h 7m
The User is Offline
curl vulnerability
Feb 09, 2013 - 16:15:51 (11y 71d)
Feb 09, 2013 - 16:15:51 (11y 71d)
Hello,
I want to warn you about a vulnerability in curl.
There exists a buffer overflow in the email protocols, pop3, imap and other.
If a user can submit urls which you pass into curl, please note that the server may answer with a redirect to these protocols
If you cannot upgrade curl easily, i recommend patching your requests with
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS);
I want to warn you about a vulnerability in curl.
There exists a buffer overflow in the email protocols, pop3, imap and other.
If a user can submit urls which you pass into curl, please note that the server may answer with a redirect to these protocols
If you cannot upgrade curl easily, i recommend patching your requests with
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS);
The geeks shall inherit the properties and methods of object earth.
tunelko, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, JanLitwin17, SwolloW, dangarbri have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 2867 times.
1 people are watching the thread at the moment.
This thread has been viewed 2867 times.