Title : Debian Security Update Fixes cURL Buffer Overflow Vulnerabilities VUPEN ID : VUPEN/ADV-2005-2850 CVE ID : CVE-2005-3185 - CVE-2005-4077
Rated as : Moderate Risk
Remotely Exploitable : Yes Locally Exploitable : Yes Release Date : 2005-12-13
Technical Description
Debian has released updated packages to address two vulnerabilities identified in cURL/libcURL. These flaws could be exploited by attackers to execute arbitrary commands. For additional information, see : VUPEN/ADV-2005-2791 and VUPEN/ADV-2005-2088
Debian GNU/Linux old-stable (woody) - Upgrade to version 7.9.5-1woody1
Debian GNU/Linux stable (sarge) - Upgrade to version 7.13.2-2sarge4
Debian GNU/Linux unstable (sid) - Upgrade to version 7.15.1-1 References
