Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2000-0973

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2000-0973
Last Modified 05 Sep 2008 04:22:19
Published 19 Dec 2000 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2000-0973

Summary

Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.

Vulnerable Systems

Application

  • Daniel Stenberg Curl 6.0

  • Daniel Stenberg Curl 6.1

  • Daniel Stenberg Curl 6.1beta

  • Daniel Stenberg Curl 6.3

  • Daniel Stenberg Curl 6.4

  • Daniel Stenberg Curl 6.5

  • Daniel Stenberg Curl 6.5.1

  • Daniel Stenberg Curl 6.5.2

  • Daniel Stenberg Curl 7.1

  • Daniel Stenberg Curl 7.1.1

  • Daniel Stenberg Curl 7.2

  • Daniel Stenberg Curl 7.2.1

  • Daniel Stenberg Curl 7.3

  • Daniel Stenberg Curl 7.4


References

XF - curl-error-bo

BID - 1804

REDHAT - RHBA-2000:092-01

FREEBSD - FreeBSD-SA-00:72


Last Updated: 27 May 2016 10:35:57