CVE-2006-1061

Name of the Vulnerable Software and Affected Versions: curl versions 7.15.0 through 7.15.2 curl version 7.15.3 and earlier

Description: The issue allows remote attackers to execute arbitrary commands via a TFTP URL (tftp://) with a valid hostname and a long path, leading to a heap-based buffer overflow in curl and libcURL. This overflow occurs due to the lack of boundary check when using the given file part of a TFTP URL. The affected flaw can be triggered by a redirect if curl/libcurl is told to follow redirects and an HTTP server points the client to a TFTP URL with the characteristics described above.

Recommendations: For versions 7.15.0 through 7.15.2, update to version 7.15.3 or later to resolve the issue. For version 7.15.3 and earlier, update to a version later than 7.15.3 to resolve the issue. As a temporary workaround, consider disabling the use of TFTP URLs (tftp://) in curl and libcURL until a patch is available. Avoid using paths longer than 512 bytes in TFTP URLs (tftp://) until the issue is resolved.