CVSS: 4.3EPSS: 0%CPEs: 24EXPL: 0CVE-2011-3389 – HTTPS: block-wise chosen-plaintext attack against SSL/TLS (BEAST)
https://notcve.org/view.php?id=CVE-2011-3389
The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack. El protocolo SSL, como se utiliza en ciertas configuraciones en Microsoft Windows y Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera y otros productos, cifra los datos mediante el uso del modo CBC con vectores de inicialización encadenados, lo que permite a atacantes man-in-the-middle obtener cabeceras HTTP en texto plano a través de un ataque blockwise chosen-boundary (BCBA) en una sesión HTTPS, junto con el código de JavaScript que usa (1) la API WebSocket HTML5, (2) la API Java URLConnection o (3) la API Silverlight WebClient, también conocido como un ataque "BEAST". • http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx http://curl.haxx.se/docs/adv_20120124B.html http://downloads.asterisk.org/pub/security/AST-2016-001.html http://ekoparty.org/2011/juliano-rizzo.php http://eprint.iacr.org/2004/111 http:&# • CWE-326: Inadequate Encryption Strength •
CVSS: 4.3EPSS: 0%CPEs: 11EXPL: 0CVE-2011-2192 – curl: Improper delegation of client credentials during GSS negotiation
https://notcve.org/view.php?id=CVE-2011-2192
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests. La función Curl_input_negotiate en http_negotiate.c en libcurl v7.10.6 a v7.21.6, tal y como se utiliza en curl y otras aplicaciones, siempre lleva a cabo delegación de credenciales durante la autenticación GSSAPI, lo que permite a hacerse pasar por clientes legitimos a servidores remotos a través de peticiones GSSAPI. • http://curl.haxx.se/curl-gssapi-delegation.patch http://curl.haxx.se/docs/adv_20110623.html http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062287.html http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061992.html http://secunia.com/advisories/45047 http://secunia.com/advisories/45067 http://secunia.com/advisories/45088 http://secunia.com/advisories/45144 http://secunia.com/ • CWE-255: Credentials Management Errors •
CVSS: 8.8EPSS: 1%CPEs: 2EXPL: 0CVE-2005-0490
https://notcve.org/view.php?id=CVE-2005-0490
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication. • http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000940 http://marc.info/?l=full-disclosure&m=110959085507755&w=2 http://www.gentoo.org/security/en/glsa/glsa-200503-20.xml http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities http://www.mandriva.com/security/advisories? • CWE-131: Incorrect Calculation of Buffer Size •