Lucene search

K
cveRedhatCVE-2015-3143
HistoryApr 24, 2015 - 2:59 p.m.

CVE-2015-3143

2015-04-2414:59:08
CWE-264
redhat
web.nvd.nist.gov
101
curl
libcurl
ntlm
vulnerability
remote attackers
cve-2015-3143
cve-2014-0015
nvd

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.3

Confidence

Low

EPSS

0.009

Percentile

83.2%

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.

Affected configurations

Nvd
Node
haxxcurlMatch7.10.6
OR
haxxcurlMatch7.10.7
OR
haxxcurlMatch7.10.8
OR
haxxcurlMatch7.11.0
OR
haxxcurlMatch7.11.1
OR
haxxcurlMatch7.11.2
OR
haxxcurlMatch7.12.0
OR
haxxcurlMatch7.12.1
OR
haxxcurlMatch7.12.2
OR
haxxcurlMatch7.12.3
OR
haxxcurlMatch7.13.0
OR
haxxcurlMatch7.13.1
OR
haxxcurlMatch7.13.2
OR
haxxcurlMatch7.14.0
OR
haxxcurlMatch7.14.1
OR
haxxcurlMatch7.15.0
OR
haxxcurlMatch7.15.1
OR
haxxcurlMatch7.15.2
OR
haxxcurlMatch7.15.3
OR
haxxcurlMatch7.15.4
OR
haxxcurlMatch7.15.5
OR
haxxcurlMatch7.16.0
OR
haxxcurlMatch7.16.1
OR
haxxcurlMatch7.16.2
OR
haxxcurlMatch7.16.3
OR
haxxcurlMatch7.16.4
OR
haxxcurlMatch7.17.0
OR
haxxcurlMatch7.17.1
OR
haxxcurlMatch7.18.0
OR
haxxcurlMatch7.18.1
OR
haxxcurlMatch7.18.2
OR
haxxcurlMatch7.19.0
OR
haxxcurlMatch7.19.1
OR
haxxcurlMatch7.19.2
OR
haxxcurlMatch7.19.3
OR
haxxcurlMatch7.19.4
OR
haxxcurlMatch7.19.5
OR
haxxcurlMatch7.19.6
OR
haxxcurlMatch7.19.7
OR
haxxcurlMatch7.20.0
OR
haxxcurlMatch7.20.1
OR
haxxcurlMatch7.21.0
OR
haxxcurlMatch7.21.1
OR
haxxcurlMatch7.21.2
OR
haxxcurlMatch7.21.3
OR
haxxcurlMatch7.21.4
OR
haxxcurlMatch7.21.5
OR
haxxcurlMatch7.21.6
OR
haxxcurlMatch7.21.7
OR
haxxcurlMatch7.22.0
OR
haxxcurlMatch7.23.0
OR
haxxcurlMatch7.23.1
OR
haxxcurlMatch7.24.0
OR
haxxcurlMatch7.25.0
OR
haxxcurlMatch7.26.0
OR
haxxcurlMatch7.27.0
OR
haxxcurlMatch7.28.0
OR
haxxcurlMatch7.28.1
OR
haxxcurlMatch7.29.0
OR
haxxcurlMatch7.30.0
OR
haxxcurlMatch7.31.0
OR
haxxcurlMatch7.32.0
OR
haxxcurlMatch7.33.0
OR
haxxcurlMatch7.34.0
OR
haxxcurlMatch7.35.0
OR
haxxcurlMatch7.36.0
OR
haxxcurlMatch7.37.1
OR
haxxcurlMatch7.38.0
OR
haxxcurlMatch7.39.0
OR
haxxcurlMatch7.40.0
OR
haxxcurlMatch7.41.0
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch14.10
OR
canonicalubuntu_linuxMatch15.04
OR
debiandebian_linuxMatch7.0
Node
haxxlibcurlMatch7.10.6
OR
haxxlibcurlMatch7.10.7
OR
haxxlibcurlMatch7.10.8
OR
haxxlibcurlMatch7.11.0
OR
haxxlibcurlMatch7.11.1
OR
haxxlibcurlMatch7.11.2
OR
haxxlibcurlMatch7.12.0
OR
haxxlibcurlMatch7.12.1
OR
haxxlibcurlMatch7.12.2
OR
haxxlibcurlMatch7.12.3
OR
haxxlibcurlMatch7.13.0
OR
haxxlibcurlMatch7.13.1
OR
haxxlibcurlMatch7.13.2
OR
haxxlibcurlMatch7.14.0
OR
haxxlibcurlMatch7.14.1
OR
haxxlibcurlMatch7.15.0
OR
haxxlibcurlMatch7.15.1
OR
haxxlibcurlMatch7.15.2
OR
haxxlibcurlMatch7.15.3
OR
haxxlibcurlMatch7.15.4
OR
haxxlibcurlMatch7.15.5
OR
haxxlibcurlMatch7.16.0
OR
haxxlibcurlMatch7.16.1
OR
haxxlibcurlMatch7.16.2
OR
haxxlibcurlMatch7.16.3
OR
haxxlibcurlMatch7.16.4
OR
haxxlibcurlMatch7.17.0
OR
haxxlibcurlMatch7.17.1
OR
haxxlibcurlMatch7.18.0
OR
haxxlibcurlMatch7.18.1
OR
haxxlibcurlMatch7.18.2
OR
haxxlibcurlMatch7.19.0
OR
haxxlibcurlMatch7.19.1
OR
haxxlibcurlMatch7.19.2
OR
haxxlibcurlMatch7.19.3
OR
haxxlibcurlMatch7.19.4
OR
haxxlibcurlMatch7.19.5
OR
haxxlibcurlMatch7.19.6
OR
haxxlibcurlMatch7.19.7
OR
haxxlibcurlMatch7.20.0
OR
haxxlibcurlMatch7.20.1
OR
haxxlibcurlMatch7.21.0
OR
haxxlibcurlMatch7.21.1
OR
haxxlibcurlMatch7.21.2
OR
haxxlibcurlMatch7.21.3
OR
haxxlibcurlMatch7.21.4
OR
haxxlibcurlMatch7.21.5
OR
haxxlibcurlMatch7.21.6
OR
haxxlibcurlMatch7.21.7
OR
haxxlibcurlMatch7.22.0
OR
haxxlibcurlMatch7.23.0
OR
haxxlibcurlMatch7.23.1
OR
haxxlibcurlMatch7.24.0
OR
haxxlibcurlMatch7.25.0
OR
haxxlibcurlMatch7.26.0
OR
haxxlibcurlMatch7.27.0
OR
haxxlibcurlMatch7.28.0
OR
haxxlibcurlMatch7.28.1
OR
haxxlibcurlMatch7.29.0
OR
haxxlibcurlMatch7.30.0
OR
haxxlibcurlMatch7.31.0
OR
haxxlibcurlMatch7.32.0
OR
haxxlibcurlMatch7.33.0
OR
haxxlibcurlMatch7.34.0
OR
haxxlibcurlMatch7.35.0
OR
haxxlibcurlMatch7.36.0
OR
haxxlibcurlMatch7.37.0
OR
haxxlibcurlMatch7.37.1
OR
haxxlibcurlMatch7.38.0
OR
haxxlibcurlMatch7.39
OR
haxxlibcurlMatch7.40.0
OR
haxxlibcurlMatch7.41.0
Node
hpsystem_management_homepageRange7.5.3.1
Node
applemac_os_xRange10.9.5
OR
applemac_os_xMatch10.10.0
OR
applemac_os_xMatch10.10.1
OR
applemac_os_xMatch10.10.2
OR
applemac_os_xMatch10.10.3
OR
applemac_os_xMatch10.10.4
VendorProductVersionCPE
haxxcurl7.10.6cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*
haxxcurl7.10.7cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*
haxxcurl7.10.8cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*
haxxcurl7.11.0cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*
haxxcurl7.11.1cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*
haxxcurl7.11.2cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*
haxxcurl7.12.0cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*
haxxcurl7.12.1cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*
haxxcurl7.12.2cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*
haxxcurl7.12.3cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 1551

References

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.3

Confidence

Low

EPSS

0.009

Percentile

83.2%