Scientific Linux Security Update : curl on SL5.x, SL6.x i386/srpm/x86_64
Medium Nessus Plugin ID 66982
SynopsisThe remote Scientific Linux host is missing one or more security updates.
DescriptionA heap-based buffer overflow flaw was found in the way libcurl unescaped URLs. A remote attacker could provide a specially crafted URL that, when processed by an application using libcurl that handles untrusted URLs, would possibly cause it to crash or, potentially, execute arbitrary code. (CVE-2013-2174)
All running applications using libcurl must be restarted for the update to take effect.
SolutionUpdate the affected packages.