SECURITY: curl (CVE-2006-1061)
Dave Korn
dave.korn@artimi.com
Fri Mar 24 11:51:00 GMT 2006
On 24 March 2006 02:26, Yaakov S (Cygwin Ports) wrote:
> libcurl is affected by a buffer overflow in the handling of URLs for
> the TFTP protocol, which could be exploited to compromise a user's
> system.
>
> Solution: upgrade to 7.15.3.
>
> More information:
> http://security.gentoo.org/glsa/glsa-200603-19.xml
> http://curl.haxx.se/docs/adv_20060320.html
>
>
> Yaakov
New packages prepared - please upload from
tftp://www.evil.com/AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAº”Å×¼êŸæççڎݕÇúù|ǵAAA$%^()%$^&$"<V<Yfassfa£$<£7dfplphH$%^>h,.pf,hef%<ǚ½£½$%>"Y52y54y2y92hj4522546844252e/bin/sh
;) muahahahahaaaaaa!
cheers,
DaveK
--
Can't think of a witty .sigline today....
More information about the Cygwin-talk
mailing list