cURL/libcURL CVE-2014-0138 Remote Security Bypass Vulnerability

Bugtraq ID: 66457
Class: Access Validation Error
CVE: CVE-2014-0138
Remote: Yes
Local: No
Published: Mar 26 2014 12:00AM
Updated: Nov 19 2014 12:56AM
Credit: Steve Holme
Vulnerable: Ubuntu Ubuntu Linux 12.04 LTS i386
Ubuntu Ubuntu Linux 12.04 LTS amd64
Ubuntu Ubuntu Linux 10.04 sparc
Ubuntu Ubuntu Linux 10.04 powerpc
Ubuntu Ubuntu Linux 10.04 i386
Ubuntu Ubuntu Linux 10.04 ARM
Ubuntu Ubuntu Linux 10.04 amd64
SuSE openSUSE 11.4
Slackware Linux 13.37
Slackware Linux 13.1
Slackware Linux 13.0
Red Hat Enterprise Linux Workstation 6
Red Hat Enterprise Linux Server 6
Red Hat Enterprise Linux HPC Node Optional 6
Red Hat Enterprise Linux HPC Node 6
Red Hat Enterprise Linux Desktop Optional 6
Red Hat Enterprise Linux Desktop 6
Oracle Enterprise Linux 6.2
Oracle Enterprise Linux 6
MandrakeSoft Enterprise Server 5 x86_64
MandrakeSoft Enterprise Server 5
Gentoo Linux
Debian Linux 6.0 sparc
Debian Linux 6.0 s/390
Debian Linux 6.0 powerpc
Debian Linux 6.0 mips
Debian Linux 6.0 ia-64
Debian Linux 6.0 ia-32
Debian Linux 6.0 arm
Debian Linux 6.0 amd64
Daniel Stenberg curl 7.20
Daniel Stenberg curl 7.19.6
Daniel Stenberg curl 7.19.5
Daniel Stenberg curl 7.19.4
Daniel Stenberg curl 7.19.3
Daniel Stenberg curl 7.19
Daniel Stenberg curl 7.18.1
Daniel Stenberg curl 7.18
Daniel Stenberg curl 7.17
Daniel Stenberg curl 7.16.4
Daniel Stenberg curl 7.15.5
Daniel Stenberg curl 7.15.3
Daniel Stenberg curl 7.15.2
Daniel Stenberg curl 7.15.1
Daniel Stenberg curl 7.15
Daniel Stenberg curl 7.14.1
Daniel Stenberg curl 7.14
Daniel Stenberg curl 7.13.2
Daniel Stenberg curl 7.13.1
Daniel Stenberg curl 7.13
Daniel Stenberg curl 7.12.3
Daniel Stenberg curl 7.12.2
Daniel Stenberg curl 7.12.1
+ Red Hat Enterprise Linux AS 4
+ RedHat Desktop 4.0
+ RedHat Enterprise Linux ES 4
+ RedHat Enterprise Linux WS 4
Daniel Stenberg curl 7.12
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Daniel Stenberg curl 7.11.2
Daniel Stenberg curl 7.11.1
+ Conectiva Linux 10.0
Daniel Stenberg curl 7.11
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
Daniel Stenberg curl 7.10.8
Daniel Stenberg curl 7.10.7
Daniel Stenberg curl 7.10.6
+ Red Hat Enterprise Linux AS 3
+ RedHat Desktop 3.0
+ RedHat Enterprise Linux ES 3
+ RedHat Enterprise Linux WS 3
Daniel Stenberg curl 7.24.0
Daniel Stenberg curl 7.23.1
Daniel Stenberg curl 7.21.7
Daniel Stenberg curl 7.20.2
Daniel Stenberg curl 7.20.1
Daniel Stenberg curl 7.16.3
CentOS CentOS 6
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus