- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 32834
- Проверка EDB
-
- Пройдено
- Автор
- DAVID KIERZNOWSKI
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- cve-2009-0037
- Дата публикации
- 2009-03-03
Код:
source: https://www.securityfocus.com/bid/33962/info
cURL/libcURL is prone to a security-bypass vulnerability.
Remote attackers can exploit this issue to bypass certain security restrictions and carry out various attacks.
This issue affects cURL/libcURL 5.11 through 7.19.3. Other versions may also be vulnerable.
The following example redirection request may be used to carry out this attack:
Location: scp://name:passwd@host/a'``;date >/tmp/test``;'- Источник
- www.exploit-db.com
