mirror of
https://github.com/0xMarcio/cve.git
synced 2025-12-14 20:08:44 +00:00
754 B
754 B
CVE-2015-3148
Description
cURL and libcurl 7.10.6 through 7.41.0 do not properly re-use authenticated Negotiate connections, which allows remote attackers to connect as other users via a request.
POC
Reference
- http://www.oracle.com/technetwork/topics/security/bulletinjan2016-2867206.html
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Github
No PoCs found on GitHub currently.