curl vulnerability
Global Rank: 229
Totalscore: 92743
Posts: 1680
Thanks: 1358
UpVotes: 920
Registered: 16y 280d
Last Seen: 2s
The User is Online
curl vulnerability
Feb 09, 2013 - 16:15:51 (11y 288d)
Feb 09, 2013 - 16:15:51 (11y 288d)
Hello,
I want to warn you about a vulnerability in curl.
There exists a buffer overflow in the email protocols, pop3, imap and other.
If a user can submit urls which you pass into curl, please note that the server may answer with a redirect to these protocols
If you cannot upgrade curl easily, i recommend patching your requests with
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS);
I want to warn you about a vulnerability in curl.
There exists a buffer overflow in the email protocols, pop3, imap and other.
If a user can submit urls which you pass into curl, please note that the server may answer with a redirect to these protocols
If you cannot upgrade curl easily, i recommend patching your requests with
curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS);
The geeks shall inherit the properties and methods of object earth.
tunelko, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 3057 times.
1 people are watching the thread at the moment.
This thread has been viewed 3057 times.