Username: 
Password: 
Restrict session to IP 

curl vulnerability

Global Rank: 227
Totalscore: 94363
Posts: 1680
Thanks: 1358
UpVotes: 920
Registered: 16y 290d




Last Seen: 5d 23h
The User is Offline
curl vulnerability
Google/translate0Thank You!1Good Post!0Bad Post! link
Hello,

I want to warn you about a vulnerability in curl.

There exists a buffer overflow in the email protocols, pop3, imap and other.
If a user can submit urls which you pass into curl, please note that the server may answer with a redirect to these protocols

If you cannot upgrade curl easily, i recommend patching your requests with

curl_setopt($ch, CURLOPT_PROTOCOLS, CURLPROTO_HTTP|CURLPROTO_HTTPS);
The geeks shall inherit the properties and methods of object earth.
tunelko, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 3064 times.