Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2011-2192

Опубликовано: 23 июн. 2011
Источник: redhat
CVSS2: 4.3

Описание

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=711454curl: Improper delegation of client credentials during GSS negotiation

4.3 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2011-2192

ubuntu
почти 14 лет назад

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.

nvd логотип

CVE-2011-2192

nvd
почти 14 лет назад

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.

debian логотип

CVE-2011-2192

debian
почти 14 лет назад

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10. ...

github логотип

GHSA-2jvc-33pv-cq2m

github
около 3 лет назад

The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.

oracle-oval логотип

ELSA-2011-0918

oracle-oval
почти 14 лет назад

ELSA-2011-0918: curl security update (MODERATE)

4.3 Medium

CVSS2