oval:org.mitre.oval:def:6074

Definition Id: oval:org.mitre.oval:def:6074

Oval ID:	oval:org.mitre.oval:def:6074
Title:	cURL/libcURL HTTP 'Location:' Redirect Security Bypass Vulnerability
Description:	The redirect implementation in curl and libcurl 5.11 through 7.19.3, when CURLOPT_FOLLOWLOCATION is enabled, accepts arbitrary Location values, which might allow remote HTTP servers to (1) trigger arbitrary requests to intranet servers, (2) read or overwrite arbitrary files via a redirect to a file: URL, or (3) execute arbitrary commands via a redirect to an scp: URL.
Family:	unix	Class:	vulnerability
Reference(s):	CVE-2009-0037	Version:	5
Platform(s):	VMWare ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed All patches must be installed to not be vulnerable Patch ESX400-200906411-SG is not installed AND Patch ESX400-200906407-SG is not installed

Definition Id: oval:org.mitre.oval:def:5506

Oval ID:	oval:org.mitre.oval:def:5506
Title:	VMware ESX Server 4.0 is installed
Description:	The operating system installed on the system is VMware ESX Server 4.0.
Family:	unix	Class:	inventory
Reference(s):	cpe:/o:vmware:esx:4.0	Version:	3
Platform(s):	VMware ESX Server 4.0	Product(s):
Definition Synopsis:
VMware ESX Server 4.0 is installed
Referenced By:
oval:org.mitre.oval:def:6074