12 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-3143
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated...
K16704: cURL and libcurl vulnerability CVE-2015-3143
Security Advisory Description cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. CVE-2015-3143 Impact Remote attackers may be able to reuse NTLM...
Reusable NTLM Connections
libcurl.so is vulnerable to reusable NTLM connections. The vulnerability exists due to the improper checks of the NTLM state when checking if a connection exists, allowing reusable NTLM connections...
Ketshash - A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs
A little tool for detecting suspicious privileged NTLM connections, in particular Pass-The-Hash attack, based on event viewer logs. The tool was published as part of the "Pass-The-Hash detection" research - more details on "Pass-The-Hash detection" are in the blog post:...
Ubuntu 14.04 LTS : OpenJDK 7 regression (USN-3275-3)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-3275-3 advisory. USN-3275-2 fixed vulnerabilities in OpenJDK 7. Unfortunately, the update introduced a regression when handling TLS handshakes. This update fixes the problem. We...
USN-3275-3: OpenJDK 7 regression
USN-3275-2 fixed vulnerabilities in OpenJDK 7. Unfortunately, the update introduced a regression when handling TLS handshakes. This update fixes the problem. We apologize for the inconvenience. Original advisory details: It was discovered that OpenJDK improperly re-used cached NTLM connections in...
Ubuntu 14.04 LTS : OpenJDK 7 vulnerabilities (USN-3275-2)
The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3275-2 advisory. USN-3275-1 fixed vulnerabilities in OpenJDK 8. This update provides the corresponding updates for OpenJDK 7. Tenable has extracted the preceding...
Ubuntu 16.04 LTS : OpenJDK 8 vulnerabilities (USN-3275-1)
The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3275-1 advisory. It was discovered that OpenJDK improperly re-used cached NTLM connections in some situations. A remote attacker could possibly use this to cause a Java...
F5 Networks BIG-IP : cURL and libcurl vulnerability (K16704)
cURL and libcurl 7.10.6 through 7.41.0 does not properly re-use NTLM connections, which allows remote attackers to connect as other users via an unauthenticated request, a similar issue to CVE-2014-0015. CVE-2015-3143 C Tenable Network Security, Inc. The descriptive text and package checks in thi...
Amazon Linux: Security Advisory (ALAS-2014-295)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Cross site request forgery (csrf)
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request...
SuSE 11.2 / 11.3 Security Update : curl (SAT Patch Numbers 8796 / 8797)
This update fixes the re-use of wrong HTTP NTLM connections in libcurl. CVE-2014-0015 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from SuSE 11 update information. The text itself is copyright C Novell, Inc...