Computer Security
[EN] securityvulns.ru no-pyccku


libcurl GSSAPI security vulnerability
Published:28.06.2011
Source:
SecurityVulns ID:11749
Type:library
Threat Level:
5/10
Description:Client's security credentials are unconditionally delegated.
Affected:CURL : libcurl 7.21
CVE:CVE-2011-2192 (The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.)
Original documentdocumentUBUNTU, [USN-1158-1] curl vulnerabilities (28.06.2011)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod