CVE-2014-0015

Priority
Description
cURL and libcurl 7.10.6 through 7.34.0, when more than one authentication
method is enabled, re-uses NTLM connections, which might allow
context-dependent attackers to authenticate as other users via a request.
Assigned-to
mdeslaur
Notes
Package
Source: curl (LP Ubuntu Debian)
Upstream:released (7.35.0-1)
Patches:
Upstream:https://github.com/bagder/curl/commit/8ae35102c43d8d (7.28+)
Upstream:curl.haxx.se/CVE-2014-0015-7-27.patch
More Information

Updated: 2020-09-10 02:53:39 UTC (commit 81a23a978c4436cd99e1d040e9e73e9146876281)