CVE-2016-3739
Published: 20 May 2016
The (1) mbed_connect_step1 function in lib/vtls/mbedtls.c and (2) polarssl_connect_step1 function in lib/vtls/polarssl.c in cURL and libcurl before 7.49.0, when using SSLv3 or making a TLS connection to a URL that uses a numerical IP address, allow remote attackers to spoof servers via an arbitrary valid certificate.
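The affected condition combines two things a practitioner can read straight off `curl --version`: the libcurl version (fixed in 7.49.0) and the TLS backend it was built against (only the mbedTLS and PolarSSL backends carry the flaw; a GnuTLS, OpenSSL or NSS build is not affected). The following POSIX shell helper is an added example, not code from the Ubuntu tracker or the curl project. It assumes the usual first line of `curl --version` output (`curl <ver> (<triplet>) libcurl/<ver> <lib>/<ver> ...`) and that the two backends announce themselves there as `mbedTLS/x.y.z` and `PolarSSL/x.y.z`; the sample lines at the bottom are constructed for the demonstration.

```sh
#!/bin/sh
# Added example (not from the CVE tracker page or from curl): classify a
# curl build against CVE-2016-3739 from the first line of `curl --version`.
# Affected: libcurl before 7.49.0 built with the mbedTLS or PolarSSL backend.

# version_lt A B: succeed (exit 0) if dotted version A is lower than B.
# Compares up to three numeric components; missing components count as 0.
version_lt() {
    a="$1" b="$2" i=1
    while [ "$i" -le 3 ]; do
        x=$(printf '%s' "$a" | cut -d. -f"$i")
        y=$(printf '%s' "$b" | cut -d. -f"$i")
        x=${x:-0} y=${y:-0}
        if [ "$x" -lt "$y" ]; then return 0; fi
        if [ "$x" -gt "$y" ]; then return 1; fi
        i=$((i + 1))
    done
    return 1
}

# cve_2016_3739_status LINE: print a verdict for the given `curl --version`
# first line. Assumes the "libcurl/<ver>" token and the backend tokens
# "mbedTLS/<ver>" / "PolarSSL/<ver>" as curl prints them (assumption).
cve_2016_3739_status() {
    line="$1"
    case "$line" in
        *libcurl/*) ;;
        *) echo "unknown: no libcurl version in input"; return 0 ;;
    esac
    ver=${line#*libcurl/}        # text after "libcurl/"
    ver=${ver%% *}               # up to the next blank
    ver=${ver%%[!0-9.]*}         # drop suffixes such as "-DEV"

    case "$line" in
        *mbedTLS/*)  backend=mbedTLS ;;
        *PolarSSL/*) backend=PolarSSL ;;
        *)           backend=other ;;
    esac

    if [ "$backend" = other ]; then
        # GnuTLS, OpenSSL, NSS and other backends do their own hostname
        # verification; the bug is confined to lib/vtls/mbedtls.c and polarssl.c.
        echo "not vulnerable: TLS backend is not mbedTLS or PolarSSL"
    elif version_lt "$ver" 7.49.0; then
        echo "vulnerable: libcurl $ver with $backend backend (before 7.49.0)"
    else
        echo "not vulnerable: libcurl $ver with $backend backend (fixed in 7.49.0)"
    fi
    return 0
}

# Demonstration on constructed version lines (these are made-up samples,
# not output captured from any real system).
for sample in \
    'curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 GnuTLS/3.4.10 zlib/1.2.8' \
    'curl 7.47.0 (x86_64-pc-linux-gnu) libcurl/7.47.0 mbedTLS/2.2.1 zlib/1.2.8' \
    'curl 7.49.0 (x86_64-pc-linux-gnu) libcurl/7.49.0 PolarSSL/1.3.9 zlib/1.2.8'
do
    printf '%s\n  -> %s\n' "$sample" "$(cve_2016_3739_status "$sample")"
done

# To check the build actually installed, run with CHECK_LOCAL_CURL=1.
if [ "${CHECK_LOCAL_CURL:-0}" = 1 ] && command -v curl >/dev/null 2>&1; then
    cve_2016_3739_status "$(curl --version | head -n 1)"
fi
```

The note on this page that Ubuntu's curl is built with GnuTLS is exactly why the tracker marks every release "Not vulnerable": a GnuTLS line takes the first branch regardless of version. A self-built or vendored libcurl is where the version check matters.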
Notes
| Author | Note |
|---|---|
| sbeattie | curl in ubuntu is built with gnutls |
Priority
CVSS 3 base score: 5.3
Status
| Package | Release | Status |
|---|---|---|
| curl (Launchpad, Ubuntu, Debian) | upstream | Released (7.49.0) |
| | precise | Not vulnerable (gnutls tls backend) |
| | trusty | Not vulnerable (gnutls tls backend) |
| | wily | Not vulnerable (gnutls tls backend) |
| | xenial | Not vulnerable (gnutls tls backend) |

Patches: upstream: https://curl.haxx.se/CVE-2016-3739.patch