Wind River Support Network

HomeDefectsLIN7-5615

Fixed

LIN7-5615 : Security Advisory - curl - CVE-2016-0755

Created: Feb 13, 2016 Updated: Sep 8, 2018

Resolved Date: Mar 1, 2016

Found In Version: 7.0.0.12

Fix Version: 7.0.0.14

Severity: Standard

Applicable for: Wind River Linux 7

Component/s: Userspace

Description

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-0755

Other Downloads

Wind River Linux 7.0.0.14
Wind River Linux 7.0.0.15
Wind River Linux 7.0.0.16
Wind River Linux 7.0.0.17
Wind River Linux 7.0.0.18
Wind River Linux 7.0.0.19
Wind River Linux 7.0.0.20
Wind River Linux 7.0.0.21
Wind River Linux 7.0.0.22
Wind River Linux 7.0.0.23
Wind River Linux 7.0.0.24
Wind River Linux 7.0.0.25
Wind River Linux 7.0.0.26
Wind River Linux 7.0.0.27
Wind River Linux 7.0.0.28
Wind River Linux 7.0.0.29
Wind River Linux 7.0.0.30
Wind River Linux 7.0.0.31

CVEs

CVE-2016-0755