SOL16707 - cURL and libcurl vulnerability CVE-2015-3148

2015-05-29T00:00:00
ID SOL16707
Type f5
Reporter f5
Modified 2016-08-26T00:00:00

Description

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. (CVE-2015-3148)