Уязвимости Угрозы

English Russian Japanese LatAm Türkiye Brasil France Český Deutschland

KLA10566
Multiple vulnerabilities in cURL

Обновлено: 03/06/2020
Дата обнаружения
 24/04/2015
Уровень угрозы
 Critical
Описание

Multiple serious vulnerabilities have been found in cURL. Malicious users can exploit these vulnerabilities to bypass security restrictions, cause denial of service or conduct other unknown impact.

Below is a complete list of vulnerabilities

  1. Improper re-use of authenticated Negotiate and NTLM connections can be exploited remotely via a specially designed request;
  2. An improper index calculation can be exploited remotely via a specially designed cookie or host name.
Пораженные продукты

cURL and libcurl versions from 7.10.6 through 7.41.0
Решение

Update ti the latest version
Get cURL
Первичный источник обнаружения
 cURL advisory
cURL advisory
cURL advisory
cURL advisory
Оказываемое влияние
?
DoS 
[?]

SB 
[?]
Связанные продукты
 cURL
CVE-IDS
CVE-2015-31485.0Critical
CVE-2015-31457.5Critical
CVE-2015-31435.0Critical
CVE-2015-31449.0Critical
Узнай статистику распространения уязвимостей в твоем регионе
© 2023 AO Kaspersky Lab. All Rights Reserved.
Privacy Policy

Up