cURL GSS/Negotiate Mechanism Discloses Credentials to Remote Servers
|
|
SecurityTracker Alert ID: 1025713 |
|
SecurityTracker URL: http://securitytracker.com/id/1025713
|
|
CVE Reference:
CVE-2011-2192
(Links to External Site)
|
Date: Jun 27 2011
|
Impact:
User access via network
|
Fix Available: Yes Vendor Confirmed: Yes
|
Version(s): 7.10.6 to and including 7.21.6
|
Description:
A vulnerability was reported in cURL. A remote user can obtain a target user's credentials and then impersonate the target user.
When doing GSSAPI authentication, libcurl unconditionally performs credential delegation, supplying the server with a copy of the client's security credentials. A remote server can obtain the credentials and then impersonate the target client to other servers that use the same GSSAPI mechanism.
The GSS/Negotiate feature is affected.
The vendor was notified on June 6, 2011.
Richard Silverman reported this vulnerability.
|
Impact:
A remote user can impersonate the target user.
|
Solution:
The vendor has issued a fix (7.21.7).
The vendor's advisory is available at:
http://curl.haxx.se/docs/adv_20110623.html
|
Vendor URL: curl.haxx.se/docs/adv_20110623.html (Links to External Site)
|
Cause:
Access control error
|
Underlying OS:
Linux (Any), UNIX (Any), Windows (Any)
|
|
Message History:
This archive entry has one or more follow-up message(s) listed below.
|
Source Message Contents
|
Date: Mon, 27 Jun 2011 13:14:10 +0000
Subject: curl
|
http://curl.haxx.se/docs/adv_20110623.html
CVE-2011-2192
|
|
