cURL/libcurl 7.x < 7.49.1 RCE
Medium Nessus Network Monitor Plugin ID 9763
SynopsisThe host is running a version of cURL/libcurl that is vulnerable to a Remote Code Exection (RCE) attack vector.
DescriptionVersions of cURL and libcurl prior to 7.49.1 are affected by a flaw that is triggered when loading certain dynamic-link libraries including 'security.dll', 'secur32.dll', and 'ws2_32.dll'. The program uses an insecure path to look for specific files or libraries that includes the current working directory, which may not be trusted or under user control. By placing a specially crafted library in the path and tricking a user into opening a FILETYPE file located on a remote WebDAV share, a context-dependent attacker can inject and execute arbitrary code with the privilege of the user running the program.
SolutionUpgrade to cURL/libcurl 7.49.1 or later.