Ubuntu Security Notice (C) 2009-2014 Canonical, Inc. / NASL script (C) 2009-2014 Tenable Network Security, Inc.
The remote Ubuntu host is missing one or more security-related patches.
USN-726-1 fixed a vulnerability in curl. Due to an incomplete fix, a
regression was introduced in Ubuntu 8.10 that caused certain types of
URLs to fail. This update fixes the problem. We apologize for the
It was discovered that curl did not enforce any restrictions when
following URL redirects. If a user or automated system were tricked
into opening a URL to an untrusted server, an attacker could use
redirects to gain access to arbitrary files. This update changes curl
behavior to prevent following 'file' URLs after a redirect.
Update the affected packages.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.6
Public Exploit Available : true
Family: Ubuntu Local Security Checks
Nessus Plugin ID: 36478 ()
Bugtraq ID: 33962
CVE ID: CVE-2009-0037
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.