This script is Copyright (C) 2005-2016 Tenable Network Security, Inc.
The remote host is missing a vendor-supplied security patch
The remote host is missing the patch for the advisory SUSE-SA:2005:011 (curl).
[email protected] reported a vulnerability in libcurl, the
HTTP/FTP retrieval library. This library is used by lots of programs,
including YaST2 and PHP4.
The NTLM authorization in curl had a buffer overflow in the base64
decoding which allows a remote attacker using a prepared remote
server to execute code for the user using curl.
The Kerberos authorization has a similar bug, but is not compiled
in on SUSE Linux.
This is tracked by the Mitre CVE ID CVE-2005-0490.
Risk factor :
Medium / CVSS Base Score : 5.1