Lucene search
K

5 matches found

Amazon
Amazon
added 2017/05/09 12:0 a.m.50 views

Medium: java-1.8.0-openjdk

Issue Overview: Improper re-use of NTLM authenticated connections Networking, 8163520: It was discovered that the HTTP client implementation in the Networking component of OpenJDK could cache and re-use an NTLM authenticated connection in a different security context. A remote attacker could...

7.7CVSS7.8AI score0.03311EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2015/11/24 12:0 a.m.28 views

Oracle Linux 7 : curl (ELSA-2015-2159)

The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2015-2159 advisory. - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 - reject CRLFs in URLs passed to pro...

5CVSS7.7AI score0.17942EPSS
Exploits0References6
Oracle linux
Oracle linux
added 2015/07/28 12:0 a.m.61 views

curl security, bug fix, and enhancement update

7.19.7-46 - require credentials to match for NTLM re-use CVE-2015-3143 - close Negotiate connections when done CVE-2015-3148 7.19.7-45 - reject CRLFs in URLs passed to proxy CVE-2014-8150 7.19.7-44 - use only full matches for hosts used as IP address in cookies CVE-2014-3613 - fix handling of...

5CVSS0.2AI score0.17942EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2015/05/04 12:0 a.m.41 views

Fedora 21 : curl-7.37.0-14.fc21 (2015-6728)

require credentials to match for NTLM re-use CVE-2015-3143 - fix invalid write with a zero-length host name in URL CVE-2015-3144 - fix invalid write in cookie path sanitization code CVE-2015-3145 - close Negotiate connections when done CVE-2015-3148 Note that Tenable Network Security has...

9CVSS7.5AI score0.3763EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2015/04/27 12:0 a.m.31 views

Fedora 22 : curl-7.40.0-3.fc22 (2015-6695)

require credentials to match for NTLM re-use CVE-2015-3143 - fix invalid write with a zero-length host name in URL CVE-2015-3144 - fix invalid write in cookie path sanitization code CVE-2015-3145 - close Negotiate connections when done CVE-2015-3148 Note that Tenable Network Security has...

9CVSS7.5AI score0.3763EPSS
Exploits0References9
Rows per page
Query Builder