SUSE CVE-2014-0015

🗓️ 15 Feb 2023 05:33:03Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 1 Views

CVE-2014-0015: Curl reuses NTLM connections with multiple auth methods, enabling user impersonation.

Reporter	Title	Published	Views	Family All 142
IBM Security Bulletins	Security Bulletin: Security vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)	31 Jan 201901:35	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139)	31 Jan 201901:35	–	ibm
IBM Security Bulletins	Security Bulletin: IBM ToolsCenter is affected by several cURL potential vulnerabilities (CVE-2014-0015, CVE-2014-0139, CVE-2014-0138, CVE-2014-2522)	31 Jan 201901:25	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-138, CVE-2014-0139)	31 Jan 201901:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in Open SSL, OpenSSH and curl affect the Integrated Management Module II (IMM2)	31 Jan 201901:55	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities affect IBM's Advanced Management Module (AMM)	14 Apr 202314:32	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in curl affect IBM Chassis Management Module (CMM) (CVE-2013-4545, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-2174)	31 Jan 201901:55	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in curl affect IBM Flex System Manager (FSM): (CVE-2013-2174 CVE-2013-4545 CVE-2014-0015 CVE-2014-0138 CVE-2014-013)	31 Jan 201901:30	–	ibm
IBM Security Bulletins	Security Bulletin: Network Intrusion Prevention System is affected by curl and php5 vulnerabilities (CVE-2013-2174, CVE-2014-0015, CVE-2014-0138, CVE-2014-0139, CVE-2013-4248, CVE-2013-6420, CVE-2014-2497, CVE-2014-4049)	23 Feb 202217:14	–	ibm
Tenable Nessus	Mac OS X < 10.9.4 Multiple Vulnerabilities (Security Update 2014-003)	2 Jul 201400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Desktop	11.2	any	curl	7.19.7-1.20.31.1	curl-7.19.7-1.20.31.1.noarch.rpm
SUSE Linux Enterprise Server	11.1	any	curl	7.19.7-1.20.31.1	curl-7.19.7-1.20.31.1.noarch.rpm
SUSE Linux Enterprise Server	11.2	any	curl	7.19.7-1.20.31.1	curl-7.19.7-1.20.31.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	11.2	any	curl	7.19.7-1.20.31.1	curl-7.19.7-1.20.31.1.noarch.rpm
SUSE Linux Enterprise Desktop	11.3	any	curl	7.19.7-1.32.1	curl-7.19.7-1.32.1.noarch.rpm
SUSE Linux Enterprise Server	11.3	any	curl	7.19.7-1.32.1	curl-7.19.7-1.32.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	11.3	any	curl	7.19.7-1.32.1	curl-7.19.7-1.32.1.noarch.rpm
SUSE Linux Enterprise Server	11.4	any	curl	7.19.7-1.42.1	curl-7.19.7-1.42.1.noarch.rpm
SUSE Linux Enterprise Desktop	12.1	any	curl	7.37.0-15.1	curl-7.37.0-15.1.noarch.rpm
SUSE Linux Enterprise Server	12.1	any	curl	7.37.0-15.1	curl-7.37.0-15.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2014-0015
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/858673
bugzilla	www.bugzilla.suse.com/868627
bugzilla	www.bugzilla.suse.com/880252
bugzilla	www.bugzilla.suse.com/882520
bugzilla	www.bugzilla.suse.com/927556
bugzilla	www.bugzilla.suse.com/962983
lists	www.lists.suse.com/pipermail/sle-security-updates/2014-January/000711.html
lists	www.lists.suse.com/pipermail/sle-security-updates/2014-January/000712.html

16 Mar 2026 00:39Current

7.1High risk

Vulners AI Score7.1

CVSS 24

EPSS0.01266

curl libcurl windows authentication impersonation cve 2014 0015 unix