Lucene search

K
nvd[email protected]NVD:CVE-2015-3143
HistoryApr 24, 2015 - 2:59 p.m.

CVE-2015-3143

2015-04-2414:59:08
CWE-264
web.nvd.nist.gov
6

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.6

Confidence

High

EPSS

0.009

Percentile

83.2%

cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015.

Affected configurations

Nvd
Node
haxxcurlMatch7.10.6
OR
haxxcurlMatch7.10.7
OR
haxxcurlMatch7.10.8
OR
haxxcurlMatch7.11.0
OR
haxxcurlMatch7.11.1
OR
haxxcurlMatch7.11.2
OR
haxxcurlMatch7.12.0
OR
haxxcurlMatch7.12.1
OR
haxxcurlMatch7.12.2
OR
haxxcurlMatch7.12.3
OR
haxxcurlMatch7.13.0
OR
haxxcurlMatch7.13.1
OR
haxxcurlMatch7.13.2
OR
haxxcurlMatch7.14.0
OR
haxxcurlMatch7.14.1
OR
haxxcurlMatch7.15.0
OR
haxxcurlMatch7.15.1
OR
haxxcurlMatch7.15.2
OR
haxxcurlMatch7.15.3
OR
haxxcurlMatch7.15.4
OR
haxxcurlMatch7.15.5
OR
haxxcurlMatch7.16.0
OR
haxxcurlMatch7.16.1
OR
haxxcurlMatch7.16.2
OR
haxxcurlMatch7.16.3
OR
haxxcurlMatch7.16.4
OR
haxxcurlMatch7.17.0
OR
haxxcurlMatch7.17.1
OR
haxxcurlMatch7.18.0
OR
haxxcurlMatch7.18.1
OR
haxxcurlMatch7.18.2
OR
haxxcurlMatch7.19.0
OR
haxxcurlMatch7.19.1
OR
haxxcurlMatch7.19.2
OR
haxxcurlMatch7.19.3
OR
haxxcurlMatch7.19.4
OR
haxxcurlMatch7.19.5
OR
haxxcurlMatch7.19.6
OR
haxxcurlMatch7.19.7
OR
haxxcurlMatch7.20.0
OR
haxxcurlMatch7.20.1
OR
haxxcurlMatch7.21.0
OR
haxxcurlMatch7.21.1
OR
haxxcurlMatch7.21.2
OR
haxxcurlMatch7.21.3
OR
haxxcurlMatch7.21.4
OR
haxxcurlMatch7.21.5
OR
haxxcurlMatch7.21.6
OR
haxxcurlMatch7.21.7
OR
haxxcurlMatch7.22.0
OR
haxxcurlMatch7.23.0
OR
haxxcurlMatch7.23.1
OR
haxxcurlMatch7.24.0
OR
haxxcurlMatch7.25.0
OR
haxxcurlMatch7.26.0
OR
haxxcurlMatch7.27.0
OR
haxxcurlMatch7.28.0
OR
haxxcurlMatch7.28.1
OR
haxxcurlMatch7.29.0
OR
haxxcurlMatch7.30.0
OR
haxxcurlMatch7.31.0
OR
haxxcurlMatch7.32.0
OR
haxxcurlMatch7.33.0
OR
haxxcurlMatch7.34.0
OR
haxxcurlMatch7.35.0
OR
haxxcurlMatch7.36.0
OR
haxxcurlMatch7.37.1
OR
haxxcurlMatch7.38.0
OR
haxxcurlMatch7.39.0
OR
haxxcurlMatch7.40.0
OR
haxxcurlMatch7.41.0
Node
canonicalubuntu_linuxMatch12.04lts
OR
canonicalubuntu_linuxMatch14.04lts
OR
canonicalubuntu_linuxMatch14.10
OR
canonicalubuntu_linuxMatch15.04
OR
debiandebian_linuxMatch7.0
Node
haxxlibcurlMatch7.10.6
OR
haxxlibcurlMatch7.10.7
OR
haxxlibcurlMatch7.10.8
OR
haxxlibcurlMatch7.11.0
OR
haxxlibcurlMatch7.11.1
OR
haxxlibcurlMatch7.11.2
OR
haxxlibcurlMatch7.12.0
OR
haxxlibcurlMatch7.12.1
OR
haxxlibcurlMatch7.12.2
OR
haxxlibcurlMatch7.12.3
OR
haxxlibcurlMatch7.13.0
OR
haxxlibcurlMatch7.13.1
OR
haxxlibcurlMatch7.13.2
OR
haxxlibcurlMatch7.14.0
OR
haxxlibcurlMatch7.14.1
OR
haxxlibcurlMatch7.15.0
OR
haxxlibcurlMatch7.15.1
OR
haxxlibcurlMatch7.15.2
OR
haxxlibcurlMatch7.15.3
OR
haxxlibcurlMatch7.15.4
OR
haxxlibcurlMatch7.15.5
OR
haxxlibcurlMatch7.16.0
OR
haxxlibcurlMatch7.16.1
OR
haxxlibcurlMatch7.16.2
OR
haxxlibcurlMatch7.16.3
OR
haxxlibcurlMatch7.16.4
OR
haxxlibcurlMatch7.17.0
OR
haxxlibcurlMatch7.17.1
OR
haxxlibcurlMatch7.18.0
OR
haxxlibcurlMatch7.18.1
OR
haxxlibcurlMatch7.18.2
OR
haxxlibcurlMatch7.19.0
OR
haxxlibcurlMatch7.19.1
OR
haxxlibcurlMatch7.19.2
OR
haxxlibcurlMatch7.19.3
OR
haxxlibcurlMatch7.19.4
OR
haxxlibcurlMatch7.19.5
OR
haxxlibcurlMatch7.19.6
OR
haxxlibcurlMatch7.19.7
OR
haxxlibcurlMatch7.20.0
OR
haxxlibcurlMatch7.20.1
OR
haxxlibcurlMatch7.21.0
OR
haxxlibcurlMatch7.21.1
OR
haxxlibcurlMatch7.21.2
OR
haxxlibcurlMatch7.21.3
OR
haxxlibcurlMatch7.21.4
OR
haxxlibcurlMatch7.21.5
OR
haxxlibcurlMatch7.21.6
OR
haxxlibcurlMatch7.21.7
OR
haxxlibcurlMatch7.22.0
OR
haxxlibcurlMatch7.23.0
OR
haxxlibcurlMatch7.23.1
OR
haxxlibcurlMatch7.24.0
OR
haxxlibcurlMatch7.25.0
OR
haxxlibcurlMatch7.26.0
OR
haxxlibcurlMatch7.27.0
OR
haxxlibcurlMatch7.28.0
OR
haxxlibcurlMatch7.28.1
OR
haxxlibcurlMatch7.29.0
OR
haxxlibcurlMatch7.30.0
OR
haxxlibcurlMatch7.31.0
OR
haxxlibcurlMatch7.32.0
OR
haxxlibcurlMatch7.33.0
OR
haxxlibcurlMatch7.34.0
OR
haxxlibcurlMatch7.35.0
OR
haxxlibcurlMatch7.36.0
OR
haxxlibcurlMatch7.37.0
OR
haxxlibcurlMatch7.37.1
OR
haxxlibcurlMatch7.38.0
OR
haxxlibcurlMatch7.39
OR
haxxlibcurlMatch7.40.0
OR
haxxlibcurlMatch7.41.0
Node
hpsystem_management_homepageRange7.5.3.1
Node
applemac_os_xRange10.9.5
OR
applemac_os_xMatch10.10.0
OR
applemac_os_xMatch10.10.1
OR
applemac_os_xMatch10.10.2
OR
applemac_os_xMatch10.10.3
OR
applemac_os_xMatch10.10.4
VendorProductVersionCPE
haxxcurl7.10.6cpe:2.3:a:haxx:curl:7.10.6:*:*:*:*:*:*:*
haxxcurl7.10.7cpe:2.3:a:haxx:curl:7.10.7:*:*:*:*:*:*:*
haxxcurl7.10.8cpe:2.3:a:haxx:curl:7.10.8:*:*:*:*:*:*:*
haxxcurl7.11.0cpe:2.3:a:haxx:curl:7.11.0:*:*:*:*:*:*:*
haxxcurl7.11.1cpe:2.3:a:haxx:curl:7.11.1:*:*:*:*:*:*:*
haxxcurl7.11.2cpe:2.3:a:haxx:curl:7.11.2:*:*:*:*:*:*:*
haxxcurl7.12.0cpe:2.3:a:haxx:curl:7.12.0:*:*:*:*:*:*:*
haxxcurl7.12.1cpe:2.3:a:haxx:curl:7.12.1:*:*:*:*:*:*:*
haxxcurl7.12.2cpe:2.3:a:haxx:curl:7.12.2:*:*:*:*:*:*:*
haxxcurl7.12.3cpe:2.3:a:haxx:curl:7.12.3:*:*:*:*:*:*:*
Rows per page:
1-10 of 1551

References

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:L/Au:N/C:N/I:P/A:N

AI Score

7.6

Confidence

High

EPSS

0.009

Percentile

83.2%