Lucene search
K

5 matches found

F5 Networks
F5 Networks
added 2023/02/21 7:57 p.m.54 views

K16707: cURL and libcurl vulnerability CVE-2015-3148

Security Advisory Description cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request. CVE-2015-3148 Impact Remote attackers may be able to re-use Negotiate connections as other user...

5CVSS7.8AI score0.17942EPSS
Exploits0Affected Software20
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.29 views

Oracle Linux 7 : curl (ELSA-2015-2159)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2159 advisory. - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 - reject CRLFs in URLs passed to pro...

5CVSS7.7AI score0.17942EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2015/07/28 12:0 a.m.63 views

curl security, bug fix, and enhancement update

7.19.7-46 - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 7.19.7-45 - reject CRLFs in URLs passed to proxy CVE-2014-8150 7.19.7-44 - use only full matches for hosts used as IP address in cookies CVE-2014-3613 - fix handling of...

5CVSS0.2AI score0.17942EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/05/04 12:0 a.m.42 views

Fedora 21 : curl-7.37.0-14.fc21 (2015-6728)

require credentials to match for NTLM re-use CVE-2015-3143 - fix invalid write with a zero-length host name in URL CVE-2015-3144 - fix invalid write in cookie path sanitization code CVE-2015-3145 - close Negotiate connections when done CVE-2015-3148 Note that Tenable Network Security has...

9CVSS7.5AI score0.3763EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2015/04/27 12:0 a.m.32 views

Fedora 22 : curl-7.40.0-3.fc22 (2015-6695)

require credentials to match for NTLM re-use CVE-2015-3143 - fix invalid write with a zero-length host name in URL CVE-2015-3144 - fix invalid write in cookie path sanitization code CVE-2015-3145 - close Negotiate connections when done CVE-2015-3148 Note that Tenable Network Security has...

9CVSS7.5AI score0.3763EPSS
Exploits0References9
Rows per page
Query Builder