cURL/libcURL NTLM connection Remote Security Bypass Vulnerability

Bugtraq ID: 65270
Class: Access Validation Error
CVE: CVE-2014-0015
Remote: Yes
Local: No
Published: Jan 29 2014 12:00AM
Updated: Apr 17 2014 01:20AM
Credit: The vendor reported this issue.
Vulnerable: Ubuntu Ubuntu Linux 10.04 LTS
SuSE SUSE Linux Enterprise Server 11 SP2
+ Linux kernel 2.6.5
SuSE SUSE Linux Enterprise Desktop 11 SP2
+ Linux kernel 2.6.5
Slackware Slackware Linux 13.37
Slackware Slackware Linux 13.1
Slackware Slackware Linux 13.0
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Daniel Stenberg curl 7.20
Daniel Stenberg curl 7.19.6
Daniel Stenberg curl 7.19.5
Daniel Stenberg curl 7.19.4
Daniel Stenberg curl 7.19.3
Daniel Stenberg curl 7.19
Daniel Stenberg curl 7.18.1
Daniel Stenberg curl 7.18
Daniel Stenberg curl 7.17
Daniel Stenberg curl 7.16.4
Daniel Stenberg curl 7.15.5
Daniel Stenberg curl 7.15.3
Daniel Stenberg curl 7.15.2
Daniel Stenberg curl 7.15.1
Daniel Stenberg curl 7.15
Daniel Stenberg curl 7.14.1
Daniel Stenberg curl 7.14
Daniel Stenberg curl 7.13.2
Daniel Stenberg curl 7.13.1
Daniel Stenberg curl 7.13
Daniel Stenberg curl 7.12.3
Daniel Stenberg curl 7.12.2
Daniel Stenberg curl 7.12.1
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
Daniel Stenberg curl 7.12
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Daniel Stenberg curl 7.11.2
Daniel Stenberg curl 7.11.1
+ Conectiva Linux 10.0
Daniel Stenberg curl 7.11
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
Daniel Stenberg curl 7.10.8
Daniel Stenberg curl 7.10.7
Daniel Stenberg curl 7.10.6
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
Daniel Stenberg curl 7.24.0
Daniel Stenberg curl 7.23.1
Daniel Stenberg curl 7.21.7
Daniel Stenberg curl 7.21.6
Daniel Stenberg curl 7.20.2
Daniel Stenberg curl 7.20.1
Daniel Stenberg curl 7.16.3
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus