Users login

Create an account »

JOIN XATRIX

Users login

Home » Security Advisories» OpenPKG » cURL buffer overflow

cURL buffer overflow

According to a vendor security advisory [0], a buffer overflow exists in cURL [1], a command line tool for fetching content via URLs. The Common Vulnerabilities and Exposures (CVE) project assigned the id CVE-2006-1061 [2] to the problem.

  • Vendor: OpenPKG
  • Vendor ID: SA-2006.012
  • Date: June 28, 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

________________________________________________________________________

OpenPKG Security Advisory The OpenPKG Project
http://www.openpkg.org/security/ http://www.openpkg.org
[email protected] [email protected]
OpenPKG-SA-2006.012 28-Jun-2006
________________________________________________________________________

Package: curl
Vulnerability: buffer overflow
OpenPKG Specific: no

Affected Releases: Affected Packages: Corrected Packages:
OpenPKG CURRENT <= curl-7.15.2-20060227 >= curl-7.15.3-20060320
OpenPKG 2-STABLE N.A. N.A.
OpenPKG 2.5-RELEASE <= curl-7.15.0-2.5.1 >= curl-7.15.0-2.5.2

Description:
According to a vendor security advisory [0], a buffer overflow exists
in cURL [1], a command line tool for fetching content via URLs. The
Common Vulnerabilities and Exposures (CVE) project assigned the id
CVE-2006-1061 [2] to the problem.
________________________________________________________________________

References:
[0] http://curl.haxx.se/docs/adv_20060320.html
[1] http://curl.haxx.se/
[2] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1061
________________________________________________________________________

For security reasons, this advisory was digitally signed with the
OpenPGP public key "OpenPKG " (ID 63C4CB9F) of the
OpenPKG project which you can retrieve from http://pgp.openpkg.org and
hkp://pgp.openpkg.org. Follow the instructions on http://pgp.openpkg.org
for details on how to verify the integrity of this advisory.
________________________________________________________________________

-----BEGIN PGP SIGNATURE-----
Comment: OpenPKG

iD8DBQFEokfVgHWT4GPEy58RAkfZAJ9WPW9owb25lc6LkUbJhanEDZ01gwCeMAGP
2DSfvJ1apI56z6nDbCf4Io8=
=c5Vi
-----END PGP SIGNATURE-----

Newsletter signup

Signup to our monthly newsletter and stay in touch with IT news!

Free E-books

We've got ebooks! But they're not online. :( Please give us a few days to bring downloads back.

Contact

Have something to say or just wanna drop us a line? Please keep this in mind: to spam, we reply with spam.

Contact us »