Lucene search

K
ubuntuUbuntuUSN-2097-1
HistoryFeb 03, 2014 - 12:00 a.m.

curl vulnerability

2014-02-0300:00:00
ubuntu.com
39

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

AI Score

6.8

Confidence

High

EPSS

0.008

Percentile

81.1%

Releases

  • Ubuntu 13.10
  • Ubuntu 12.10
  • Ubuntu 12.04
  • Ubuntu 10.04

Packages

  • curl - HTTP, HTTPS, and FTP client and client libraries

Details

Paras Sethia and Yehezkel Horowitz discovered that libcurl incorrectly
reused connections when NTLM authentication was being used. This could lead
to the use of unintended credentials, possibly exposing sensitive
information.

Rows per page:
1-10 of 361

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

NONE

AV:N/AC:H/Au:N/C:P/I:P/A:N

AI Score

6.8

Confidence

High

EPSS

0.008

Percentile

81.1%