Mandriva Linux Security Advisory : curl (MDVSA-2009:069)
Medium Nessus Plugin ID 36751
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA security vulnerability has been identified and fixed in curl, which could allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL (CVE-2009-0037).
The updated packages have been patched to prevent this.
SolutionUpdate the affected packages.