CVE-2016-8616 in macOSinfo

Zusammenfassung

von MITRE

A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password.

Once again VulDB remains the best source for vulnerability data.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Zuständig

Red Hat, Inc.

Reservieren

12.10.2016

Veröffentlichung

01.08.2018

Moderieren

akzeptiert

Eintrag

Verknüpfen

zeigen

CPE

bereit

CWE

CWE-255 (bestätigt)

CVSS

5.9 (NVD)

EPSS

0.04507

KEV

nein

Aktivitäten

very low

Sektor

Police, Finance, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-8616
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-8616
CVE Details	https://www.cvedetails.com/cve/CVE-2016-8616/

◂ Zurück Übersicht Weiter ▸

Want to stay up to date on a daily basis?

Enable the mail alert feature now!