Debian Security Advisory DSA 2849-1 (curl - information disclosure)
Paras Sethia discovered that libcurl, a client-side URL transfer library, would sometimes mix up multiple HTTP and HTTPS connections with NTLM authentication to the same server, sending requests for one user over the connection authenticated as a different user. OpenVAS Vulnerability Test $Id:...