CVE-2016-0755

high
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.

References

http://curl.haxx.se/docs/adv_20160127A.html

http://lists.apple.com/archives/security-announce/2016/Sep/msg00006.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/176546.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177342.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177383.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176413.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00031.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00044.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00047.html

http://packetstormsecurity.com/files/135695/Slackware-Security-Advisory-curl-Updates.html

http://www.debian.org/security/2016/dsa-3455

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

http://www.securityfocus.com/bid/82307

http://www.securitytracker.com/id/1034882

http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.519965

http://www.ubuntu.com/usn/USN-2882-1

https://security.gentoo.org/glsa/201701-47

https://support.apple.com/HT207170

Details

Source: MITRE

Published: 2016-01-29

Updated: 2018-10-17

Type: CWE-287

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Impact Score: 3.4

Exploitability Score: 3.9

Severity: HIGH

Tenable Plugins

View all (22 total)

IDNameProductFamilySeverity
131902EulerOS 2.0 SP2 : curl (EulerOS-SA-2019-2410)NessusHuawei Local Security Checks
critical
129247EulerOS 2.0 SP3 : curl (EulerOS-SA-2019-2054)NessusHuawei Local Security Checks
critical
126538EulerOS Virtualization for ARM 64 3.0.2.0 : curl (EulerOS-SA-2019-1696)NessusHuawei Local Security Checks
high
126292EulerOS 2.0 SP5 : curl (EulerOS-SA-2019-1665)NessusHuawei Local Security Checks
critical
96644GLSA-201701-47 : cURL: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
9760cURL/libcurl 7.x < 7.47.0 Multiple VulnerabilitiesNessus Network MonitorWeb Clients
medium
9620Mac OS X 10.x < 10.12 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
93685macOS < 10.12 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
89551Fedora 22 : mingw-curl-7.47.0-1.fc22 (2016-5a141de5d9)NessusFedora Local Security Checks
high
89548Fedora 23 : curl-7.43.0-5.fc23 (2016-57bebab3b6)NessusFedora Local Security Checks
high
89546Fedora 23 : mingw-curl-7.47.0-1.fc23 (2016-55137a3adb)NessusFedora Local Security Checks
high
89524Fedora 22 : curl-7.40.0-8.fc22 (2016-3fa315a5dd)NessusFedora Local Security Checks
high
88664Amazon Linux AMI : curl (ALAS-2016-652)NessusAmazon Linux Local Security Checks
high
88634openSUSE Security Update : curl (openSUSE-2016-170)NessusSuSE Local Security Checks
high
88625Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : curl (SSA:2016-039-01)NessusSlackware Local Security Checks
high
88622SUSE SLED11 / SLES11 Security Update : curl (SUSE-SU-2016:0347-1)NessusSuSE Local Security Checks
high
88621SUSE SLED12 / SLES12 Security Update : curl (SUSE-SU-2016:0340-1)NessusSuSE Local Security Checks
high
88609openSUSE Security Update : curl (openSUSE-2016-153)NessusSuSE Local Security Checks
high
88608openSUSE Security Update : curl (openSUSE-2016-152)NessusSuSE Local Security Checks
high
88476FreeBSD : curl -- Credentials not checked (8b27f1bc-c509-11e5-a95f-b499baebfeaf)NessusFreeBSD Local Security Checks
high
88457Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : curl vulnerability (USN-2882-1)NessusUbuntu Local Security Checks
high
88424Debian DSA-3455-1 : curl - security updateNessusDebian Local Security Checks
high