← back
CVE-2006-1061

CVE-2006-1061

EPSS 5.1%
Heap-based buffer overflow in cURL and libcURL 7.15.0 through 7.15.2 allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://archives.neohapsis.com/archives/fulldisclosure/2006-03/1326.htmlhttp://curl.haxx.se/docs/adv_20060320.htmlhttp://secunia.com/advisories/19271http://secunia.com/advisories/19335http://secunia.com/advisories/19344http://secunia.com/advisories/19371https://exchange.xforce.ibmcloud.com/vulnerabilities/25318http://www.gentoo.org/security/en/glsa/glsa-200603-19.xmlhttp://www.osvdb.org/23982http://www.redhat.com/archives/fedora-announce-list/2006-March/msg00048.htmlhttp://www.securityfocus.com/bid/17154http://www.trustix.org/errata/2006/0016