Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2014-0138
Description:The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re- uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.
Test IDs: 1.3.6.1.4.1.25623.1.0.702902   1.3.6.1.4.1.25623.1.0.120207   1.3.6.1.4.1.25623.1.1.4.2014.0691.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2014-0138
Bugtraq: 20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities (Google Search)
http://www.securityfocus.com/archive/1/534161/100/0/threaded
Debian Security Information: DSA-2902 (Google Search)
http://www.debian.org/security/2014/dsa-2902
http://seclists.org/fulldisclosure/2014/Dec/23
http://secunia.com/advisories/57836
http://secunia.com/advisories/57966
http://secunia.com/advisories/57968
http://secunia.com/advisories/58615
http://secunia.com/advisories/59458
SuSE Security Announcement: openSUSE-SU-2014:0530 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-04/msg00042.html
http://www.ubuntu.com/usn/USN-2167-1




© 1998-2024 E-Soft Inc. All rights reserved.