Re: cURL remote PoC for FBSD

From: sm (sm@resistor.net)
Date: 05/07/02

Previous message: Deus, Attonbitus: "Publishing Nimda Logs"
In reply to: KF: "cURL remote PoC for FBSD"
Next in thread: KF: "Re: cURL remote PoC for FBSD"
Next in thread: Daniel Stenberg: "Re: cURL remote PoC for FBSD"
Reply: KF: "Re: cURL remote PoC for FBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Tue, 07 May 2002 17:47:06 +0400
To: vuln-dev@security-focus.com, bugtraq <bugtraq@securityfocus.org>
From: sm <sm@resistor.net>

At 23:43 05-05-2002 -0400, KF wrote:
>Here is some PoC code for the recent cURL overflows. (FBSD version)
># Remote FreeBSD cURL exploit for versions 6.1 - 7.4

This bug has been fixed in cURL version 7.4.1 See the comments of Daniel
Stenberg, the curl project maintainer at
http://online.securityfocus.com/archive/1/140883

The FreeBSD Security Advisory FreeBSD-SA-00:72 mentions this issue.

-sm

Previous message: Deus, Attonbitus: "Publishing Nimda Logs"
In reply to: KF: "cURL remote PoC for FBSD"
Next in thread: KF: "Re: cURL remote PoC for FBSD"
Next in thread: Daniel Stenberg: "Re: cURL remote PoC for FBSD"
Reply: KF: "Re: cURL remote PoC for FBSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: http-access2 multi-part from upload
... also, and this of off-topic but important, i had three different versions of curl and all three required different command line flags to get going, with only two versions being able to actually upload to rubyforge due to a bug in cookied handling. ... in the first case the cookies are not sent to the client and the cookie file ...
(comp.lang.ruby)
cURL remote PoC for FBSD
... Here is some PoC code for the recent cURL overflows. ... (FBSD version) ...
(Vuln-Dev)
cURL remote PoC for FBSD
... Here is some PoC code for the recent cURL overflows. ... (FBSD version) ...
(Bugtraq)