Scientific Linux Security Update : curl on SL5.x, SL6.x i386/x86_64
Medium Nessus Plugin ID 66226
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA flaw was found in the way libcurl matched domains associated with cookies. This could lead to cURL or an application linked against libcurl sending the wrong cookie if only part of the domain name matched the domain associated with the cookie, disclosing the cookie to unrelated hosts. (CVE-2013-1944)
All running applications using libcurl must be restarted for the update to take effect.
SolutionUpdate the affected packages.