English | Deutsch | Español
 
Startseite ▼
Startseite Über uns Kontact Datenschutz Partnerprogramme Zeugnisse In der Presse Mailinglisten Missbrauch Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Sicherheits
Überprüfungs ▼
Home Dediziert Erweitert Standard Wiederkehrend Risikolos Desktop Basis Sicherheits Segal FAQ Preis/Funktionszusammenfassung Bestellen Neue Anfälligkeiten Alle Anfälligkeiten Vertraulichkeit Anfälligkeiten Suche Durchführen Terminkalender IP Permissions Maßgeschneidert Warteschlange Erinnerer Siegel Berichte Berichts Stil
Verwaltetes
DNS ▼
Info Bestellen/Erneuern FAQ AUP Dynamic DNS Clients
Domaine konfigurieren Dyanmic DNS Update Password
Netzwerk
Überwachung ▼
Enterprise Erweiterte Standard Gratis Test FAQ Preis/Funktionszusammenfassung Bestellen Beispiele
Konfigurieren/Status Alarm Profile
Recherce
Berichte ▼
Home FAQ Glossary Archive
 Anmeldung/Registrierung 
 
 Anfälligkeitssuche        Suche in 219043 CVE Beschreibungen
und 99761 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

CVE Kennung:CVE-2009-0037
Beschreibung:The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
Test Kennungen: 1.3.6.1.4.1.25623.1.0.63561   1.3.6.1.4.1.25623.1.0.63577   1.3.6.1.4.1.25623.1.0.65633   1.3.6.1.4.1.25623.1.0.65210   1.3.6.1.4.1.25623.1.0.63495   1.3.6.1.4.1.25623.1.0.63584   1.3.6.1.4.1.25623.1.0.63706   1.3.6.1.4.1.25623.1.0.63494   1.3.6.1.4.1.25623.1.0.65861   1.3.6.1.4.1.25623.1.0.63515   1.3.6.1.4.1.25623.1.0.63552   1.3.6.1.4.1.25623.1.0.63519   1.3.6.1.4.1.25623.1.0.63708   1.3.6.1.4.1.25623.1.0.122508   1.3.6.1.4.1.25623.1.0.880946   1.3.6.1.4.1.25623.1.0.880833   1.3.6.1.4.1.25623.1.0.880917  
Querverweise: Common Vulnerability Exposure (CVE) ID: CVE-2009-0037
http://lists.apple.com/archives/security-announce/2010//Mar/msg00001.html
BugTraq ID: 33962
http://www.securityfocus.com/bid/33962
Bugtraq: 20090312 rPSA-2009-0042-1 curl (Google Search)
http://www.securityfocus.com/archive/1/501757/100/0/threaded
Bugtraq: 20090711 VMSA-2009-0009 ESX Service Console updates for udev, sudo, and curl (Google Search)
http://www.securityfocus.com/archive/1/504849/100/0/threaded
Debian Security Information: DSA-1738 (Google Search)
http://www.debian.org/security/2009/dsa-1738
http://security.gentoo.org/glsa/glsa-200903-21.xml
http://www.withdk.com/2009/03/03/curllibcurl-redirect-arbitrary-file-access/
http://www.withdk.com/archives/Libcurl_arbitrary_file_access.pdf
http://lists.vmware.com/pipermail/security-announce/2009/000060.html
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11054
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6074
RedHat Security Advisories: RHSA-2009:0341
http://www.redhat.com/support/errata/RHSA-2009-0341.html
http://www.securitytracker.com/id?1021783
http://secunia.com/advisories/34138
http://secunia.com/advisories/34202
http://secunia.com/advisories/34237
http://secunia.com/advisories/34251
http://secunia.com/advisories/34255
http://secunia.com/advisories/34259
http://secunia.com/advisories/34399
http://secunia.com/advisories/35766
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.476602
SuSE Security Announcement: SUSE-SR:2009:006 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00001.html
http://www.ubuntu.com/usn/USN-726-1
http://www.vupen.com/english/advisories/2009/0581
http://www.vupen.com/english/advisories/2009/1865
XForce ISS Database: curl-location-security-bypass(49030)
https://exchange.xforce.ibmcloud.com/vulnerabilities/49030



© 1998-2024 E-Soft Inc. Alle Rechte vorbehalten.