2 matches found
EulerOS 2.0 SP13 : curl (EulerOS-SA-2026-2326)
According to the versions of the curl packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : libcurl can in some circumstances reuse the wrong connection when asked to dox000D an Negotiate-authenticated HTTP or HTTPS request.x000D x000D...
Authentication Bypass by Primary Weakness
Overview Affected versions of this package are vulnerable to Authentication Bypass by Primary Weakness via the reuse of HTTP Negotiate authenticated connections. An attacker can gain unauthorized access or perform actions with unintended credentials by making an authenticated HTTPS request after ...