3 matches found
MiracleLinux 7 : curl-7.29.0-25.0.1.el7.AXS7 (AXSA:2015-843:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2015-843:01 advisory. curl is a command line tool for transferring data with URL syntax, supporting FTP, FTPS, HTTP, HTTPS, SCP, SFTP, TFTP, TELNET, DICT, LDAP, LDAPS, FIL...
USN-2591-1 curl vulnerabilities
Paras Sethia discovered that curl could incorrectly re-use NTLM HTTP credentials when subsequently connecting to the same host over HTTP. CVE-2015-3143 Hanno Böck discovered that curl incorrectly handled zero-length host names. If a user or automated system were tricked into using a specially...
CVE-2014-0015
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request...