Nessus Plugin #18031
Plugin Index
Note: This file has been created from a
downloaded version of the Nessus Plugins
from
http://www.nessus.org/.
Therefore, the information here can be outdated.
[GLSA-200504-09] Axel: Vulnerability in HTTP redirection handling
- Family:
- Gentoo Local Security Checks
- Category:
- infos
- Copyright:
- (C) 2005 Michel Arboi
- Summary:
- Axel: Vulnerability in HTTP redirection handling
- Version:
- $Revision: 1.1 $
- Cve_id:
- CAN-2005-0390
- Bugtraq_id:
- -
- Xrefs:
- GLSA:200504-09
- Description:
- The remote host is affected by the vulnerability described in GLSA-200504-09
(Axel: Vulnerability in HTTP redirection handling)
A possible buffer overflow has been reported in the HTTP
redirection handling code in conn.c.
Impact
A remote attacker could exploit this vulnerability by setting up a
malicious site and enticing a user to connect to it. This could
possibly lead to the execution of arbitrary code with the permissions
of the user running Axel.
Workaround
There is no known workaround at this time.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0390
Solution:
All Axel users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/axel-1.0b"
Risk factor : Medium
Generiert am 27.04.2005 um 18:49:54 Uhr.