This script is Copyright (C) 2005-2010 Tenable Network Security, Inc.
The remote host is missing a vendor-supplied security patch
The remote host is missing the patch for the advisory SUSE-SA:2005:063 (curl, wget).
This update fixes a stack-based buffer overflow in the NTLM
authentication code used by the file download tools/libraries curl
and wget that can be triggered by using a long user or domain name
(also works with HTTP redirects).
By exploiting this bug by using a malicious server an attacker may
be able to execute arbitrary code with the privileges of the entity
running the process locally. (CVE-2005-3185)
This affects both curl/libcurl and wget >= 1.10. wget copied the code
from libcurl, making this effectively the same problem.
Risk factor :
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now