CVE-2016-5420
curl: Re-using connection with wrong client cert
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.
curl y libcurl en versiones anteriores a 7.50.1 no verifica el certificado de cliente cuando se está escogiendo la conexión TLS para reutilizar, lo que podría permitir a atacantes remotos secuestrar la autenticación de la conexión aprovechando una conexión previamente creada con un certificado de cliente diferente.
It was found that the libcurl library did not check the client certificate when choosing the TLS connection to reuse. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-06-10 CVE Reserved
- 2016-08-03 CVE Published
- 2023-03-07 EPSS Updated
- 2024-08-06 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-285: Improper Authorization
- CWE-295: Improper Certificate Validation
CAPEC
References (20)
URL | Tag | Source |
---|---|---|
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/92309 | Vdb Entry | |
http://www.securitytracker.com/id/1036537 | Vdb Entry | |
http://www.securitytracker.com/id/1036739 | Vdb Entry | |
https://source.android.com/security/bulletin/2016-12-01.html | X_refsource_confirm | |
https://www.tenable.com/security/tns-2016-18 | X_refsource_confirm |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
https://curl.haxx.se/docs/adv_20160803B.html | 2023-11-07 |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 8.0 Search vendor "Debian" for product "Debian Linux" and version "8.0" | - |
Affected
| ||||||
Haxx Search vendor "Haxx" | Libcurl Search vendor "Haxx" for product "Libcurl" | <= 7.50.0 Search vendor "Haxx" for product "Libcurl" and version " <= 7.50.0" | - |
Affected
| ||||||
Opensuse Search vendor "Opensuse" | Leap Search vendor "Opensuse" for product "Leap" | 42.1 Search vendor "Opensuse" for product "Leap" and version "42.1" | - |
Affected
|