Nessus Plugin #18031

Plugin Index

Note: This file has been created from a downloaded version of the Nessus Plugins from http://www.nessus.org/. Therefore, the information here can be outdated.

[GLSA-200504-09] Axel: Vulnerability in HTTP redirection handling

Family:
Gentoo Local Security Checks
Category:
infos
Copyright:
(C) 2005 Michel Arboi
Summary:
Axel: Vulnerability in HTTP redirection handling
Version:
$Revision: 1.1 $
Cve_id:
CAN-2005-0390
Bugtraq_id:
-
Xrefs:
GLSA:200504-09
Description:
The remote host is affected by the vulnerability described in GLSA-200504-09
(Axel: Vulnerability in HTTP redirection handling)


A possible buffer overflow has been reported in the HTTP
redirection handling code in conn.c.

Impact

A remote attacker could exploit this vulnerability by setting up a
malicious site and enticing a user to connect to it. This could
possibly lead to the execution of arbitrary code with the permissions
of the user running Axel.

Workaround

There is no known workaround at this time.

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0390


Solution:
All Axel users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/axel-1.0b"


Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.