Vulnerabilities

CVE-2014-0138

by Fred · 15/04/2014

The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP, (2) SFTP, (3) POP3, (4) POP3S, (5) IMAP, (6) IMAPS, (7) SMTP, (8) SMTPS, (9) LDAP, and (10) LDAPS connections, which might allow context-dependent attackers to connect as other users via a request, a similar issue to CVE-2014-0015.

Date published : 2014-04-15

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://curl.haxx.se/docs/adv_20140326A.html

Similar

Tags: Cybersecurity Alert