Lucene search

CVE-2013-6422

🗓️ 23 Dec 2013 22:02:55Reported by redhatType

The GnuTLS backend in libcurl 7.21.4 through 7.33.0 disables SSL verifications, enabling easier MITM attacks

Reporter	Title	Published	Views	Family All 34
Tenable Nessus	Debian DSA-2824-1 : curl - unchecked tls/ssl certificate host name	20 Dec 201300:00	–	nessus
Tenable Nessus	FreeBSD : cURL library -- cert name check ignore with GnuTLS (4e1f4abc-6837-11e3-9cda-3c970e169bc2)	19 Dec 201300:00	–	nessus
Tenable Nessus	Ubuntu 12.04 LTS / 12.10 / 13.04 / 13.10 : curl vulnerability (USN-2058-1)	19 Dec 201300:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP3 : curl (EulerOS-SA-2021-1774)	30 Apr 202100:00	–	nessus
Tenable Nessus	GLSA-201401-14 : cURL: Multiple vulnerabilities	21 Jan 201400:00	–	nessus
Tenable Nessus	EulerOS 2.0 SP2 : curl (EulerOS-SA-2020-1626)	17 Jun 202000:00	–	nessus
Tenable Nessus	EulerOS Virtualization 2.5.3 : curl (EulerOS-SA-2019-1172)	9 Apr 201900:00	–	nessus
Tenable Nessus	HP System Management Homepage < 7.4 Multiple Vulnerabilities	8 Oct 201400:00	–	nessus
NVD	CVE-2013-6422	23 Dec 201322:55	–	nvd
FreeBSD	cURL library -- cert name check ignore with GnuTLS	17 Dec 201300:00	–	freebsd

Nvd

Node

debian debian_linuxMatch7.0

Node

canonical ubuntu_linuxMatch12.04-lts

canonical ubuntu_linuxMatch12.10

canonical ubuntu_linuxMatch13.04

canonical ubuntu_linuxMatch13.10

Node

haxx libcurlMatch7.21.4

haxx libcurlMatch7.21.5

haxx libcurlMatch7.21.6

haxx libcurlMatch7.21.7

haxx libcurlMatch7.22.0

haxx libcurlMatch7.23.0

haxx libcurlMatch7.23.1

haxx libcurlMatch7.24.0

haxx libcurlMatch7.25.0

haxx libcurlMatch7.26.0

haxx libcurlMatch7.27.0

haxx libcurlMatch7.28.0

haxx libcurlMatch7.28.1

haxx libcurlMatch7.29.0

haxx libcurlMatch7.30.0

haxx libcurlMatch7.31.0

haxx libcurlMatch7.32.0

haxx libcurlMatch7.33.0

Source	Link
curl	www.curl.haxx.se/docs/adv_20131217.html
oracle	www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
debian	www.debian.org/security/2013/dsa-2824
h20564	www.h20564.www2.hp.com/hpsc/doc/public/display
ubuntu	www.ubuntu.com/usn/USN-2058-1

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

23 Dec 2013 22:55Current

6.8Medium risk

Vulners AI Score6.8

CVSS24

EPSS0.00332

CWE-20