QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2014-0015

Back to search

CVE-2014-0015

Published: Feb 2, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication method is enabled, re-uses NTLM connections, which might allow context-dependent attackers to authenticate as other users via a request.

VendorProductVersions

n/a

n/a

affected
n/a

References

56912
third-party-advisory
x_refsource_SECUNIA
SSA:2014-044-01
vendor-advisory
x_refsource_SLACKWARE
1029710
vdb-entry
x_refsource_SECTRACK
FEDORA-2014-1876
vendor-advisory
x_refsource_FEDORA
openSUSE-SU-2014:0274
vendor-advisory
x_refsource_SUSE
APPLE-SA-2014-06-30-2
vendor-advisory
x_refsource_APPLE
65270
vdb-entry
x_refsource_BID
DSA-2849
vendor-advisory
x_refsource_DEBIAN
59458
third-party-advisory
x_refsource_SECUNIA
56728
third-party-advisory
x_refsource_SECUNIA
FEDORA-2014-1864
vendor-advisory
x_refsource_FEDORA
59475
third-party-advisory
x_refsource_SECUNIA
USN-2097-1
vendor-advisory
x_refsource_UBUNTU
56734
third-party-advisory
x_refsource_SECUNIA
56731
third-party-advisory
x_refsource_SECUNIA

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now