Curl Exploit Plugged in Ubuntu 12.10

In order to fix the problem, users just have to update the OS

On February 12, Canonical published in a security notice details about a curl vulnerability for its Ubuntu 12.10 (Quantal Quetzal) operating system.

According to Canonical, curl could be made to crash or run programs, if it opened a malicious URL.

It was discovered that curl incorrectly handled SASL authentication when communicating over POP3, SMTP or IMAP.

If a user or automated system were tricked into processing a specially crafted URL, an attacker could cause a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service.

The security flaws can be fixed if you upgrade your system(s) to the latest libcurl3 package for Ubuntu 12.10 (Quantal Quetzal). To apply the update, run the Update Manager application.

In general, a standard system update will make all the necessary changes. A system restart won't be necessary to implement the changes.

Hot right now  ·  Latest news