Mandriva Linux Security Advisory : libsoup (MDVSA-2012:036)
Medium Nessus Plugin ID 58475
SynopsisThe remote Mandriva Linux host is missing one or more security updates.
DescriptionA vulnerability has been found and corrected in libsoup :
Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup before 2.35.4 allows remote attackers to read arbitrary files via a \%2e\%2e (encoded dot dot) in a URI (CVE-2011-2524).
The updated packages have been patched to correct this issue.
SolutionUpdate the affected packages.