Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2014-0015HistoryFeb 02, 2014 - 12:55 a.m.
CVE-2014-0015
2014-02-0200:55:05
Debian Security Bug Tracker
security-tracker.debian.org
12
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.008 Low
EPSS
Percentile
81.1%
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | curl | < 7.35.0-1 | curl_7.35.0-1_all.deb |
| Debian | 11 | all | curl | < 7.35.0-1 | curl_7.35.0-1_all.deb |
| Debian | 999 | all | curl | < 7.35.0-1 | curl_7.35.0-1_all.deb |
| Debian | 13 | all | curl | < 7.35.0-1 | curl_7.35.0-1_all.deb |
Related
fedora
fedora
[SECURITY] Fedora 20 Update: curl-7.32.0-4.fc20
2014-02-03 02:46:56
[SECURITY] Fedora 19 Update: curl-7.29.0-13.fc19
2014-02-15 20:02:19
[SECURITY] Fedora 20 Update: curl-7.32.0-8.fc20
2014-03-31 02:15:35
prion
prion
Cross site request forgery (csrf)
2014-02-02 00:55:00
Cross site request forgery (csrf)
2015-04-24 14:59:00
Design/Logic Flaw
2016-01-29 20:59:00
nessus
nessus
SuSE 11.2 / 11.3 Security Update : curl (SAT Patch Numbers 8796 / 8797)
2014-02-02 00:00:00
Fedora 20 : curl-7.32.0-4.fc20 (2014-1876)
2014-02-03 00:00:00
Amazon Linux AMI : curl (ALAS-2014-295)
2014-03-02 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2014-044-01)
2022-04-21 00:00:00
Fedora Update for curl FEDORA-2014-1876
2014-02-03 00:00:00
Debian Security Advisory DSA 2849-1 (curl - information disclosure)
2014-01-31 00:00:00
amazon
amazon
slackware
slackware
curl
2014-02-13 16:38:20
debian
debian
[SECURITY] [DSA 2849-1] curl security update
2014-01-31 07:47:19
cve
cve
cvelist
cvelist
securityvulns
securityvulns
[SECURITY] [DSA 2849-1] curl security update
2014-02-01 00:00:00
NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities
2014-12-11 00:00:00
cURL security vulnerabilitiies
2015-11-01 00:00:00
veracode
veracode
Authentication Bypass
2019-01-15 08:51:58
ubuntu
ubuntu
curl vulnerability
2014-02-03 00:00:00
nvd
nvd
ubuntucve
ubuntucve
seebug
seebug
cURL/libcURL NTLM连接远程安全限制绕过漏洞
2014-02-24 00:00:00
f5
f5
SOL16704 - cURL and libcurl vulnerability CVE-2015-3143
2015-05-29 00:00:00
K16704 : cURL and libcurl vulnerability CVE-2015-3143
2015-05-29 00:00:00
debiancve
debiancve
redhat
redhat
(RHSA-2014:0561) Moderate: curl security and bug fix update
2014-05-27 00:00:00
(RHSA-2014:0629) Important: rhev-hypervisor6 security update
2014-06-05 00:00:00
centos
centos
curl, libcurl security update
2014-05-28 12:52:04
osv
osv
CVE-2014-0138
2014-04-15 14:55:00
oraclelinux
oraclelinux
curl security and bug fix update
2014-05-27 00:00:00
alpinelinux
alpinelinux
CVE-2014-0138
2014-04-15 14:55:04
mageia
mageia
Updated curl packages fix multiple vulnerabilities
2014-04-03 04:56:35
ibm
ibm
Security Bulletin: Vulnerabilities in cURL affect System x Integrated Management Module (IMM) (CVE-2013-2174, CVE-2014-0015, CVE-2014-138, CVE-2014-0139)
2019-01-31 01:35:01
archlinux
archlinux
curl: multiple issues
2015-04-24 00:00:00
vmware
vmware
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
VMware vSphere product updates address security vulnerabilities
2014-12-04 00:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - January 2015
2015-03-10 00:00:00
Oracle Critical Patch Update Advisory - July 2015
2015-07-14 00:00:00
4 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
HIGH
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:H/Au:N/C:P/I:P/A:N
0.008 Low
EPSS
Percentile
81.1%
Related for DEBIANCVE:CVE-2014-0015