CVE-2014-0138 Information

Feb 14, 2021 cve

Description

The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP (2) SFTP (3) POP3 (4) POP3S (5) IMAP (6) IMAPS (7) SMTP (8) SMTPS (9) LDAP and (10) LDAPS connections which might allow context-dependent attackers to connect as other users via a request a similar issue to CVE-2014-0015.

Reference

http://curl.haxx.se/docs/adv_20140326A.html http://curl.haxx.se/docs/adv_20140326A.html http://lists.opensuse.org/opensuse-updates/2014-04/msg00042.html http://seclists.org/fulldisclosure/2014/Dec/23 http://secunia.com/advisories/57836 http://secunia.com/advisories/57966 http://secunia.com/advisories/57968 http://secunia.com/advisories/58615 http://secunia.com/advisories/59458 http://www.debian.org/security/2014/dsa-2902 http://www.getchef.com/blog/2014/04/09/chef-server-11-0-12-release/ http://www.getchef.com/blog/2014/04/09/enterprise-chef-11-1-3-release/ http://www.getchef.com/blog/2014/04/09/enterprise-chef-1-4-9-release/ http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html http://www.securityfocus.com/archive/1/534161/100/0/threaded http://www.ubuntu.com/usn/USN-2167-1 http://www.vmware.com/security/advisories/VMSA-2014-0012.html http://www-01.ibm.com/support/docview.wss?uid=swg21675820 http://www-947.ibm.com/support/entry/portal/docdisplay?lndocid=MIGR-5095862 The default configuration in cURL and libcurl 7.10.6 before 7.36.0 re-uses (1) SCP (2) SFTP (3) POP3 (4) POP3S (5) IMAP (6) IMAPS (7) SMTP (8) SMTPS (9) LDAP and (10) LDAPS connections which might allow context-dependent attackers to connect as other users via a request a similar issue to CVE-2014-0015. cpe:2.3:a:haxx:curl:7.10.6:::::::* cpe:2.3:a:haxx:curl:7.10.7:::::::* cpe:2.3:a:haxx:curl:7.10.8:::::::* cpe:2.3:a:haxx:curl:7.11.0:::::::* cpe:2.3:a:haxx:curl:7.11.1:::::::* cpe:2.3:a:haxx:curl:7.11.2:::::::* cpe:2.3:a:haxx:curl:7.12.0:::::::* cpe:2.3:a:haxx:curl:7.12.1:::::::* cpe:2.3:a:haxx:curl:7.12.2:::::::* cpe:2.3:a:haxx:curl:7.12.3:::::::* cpe:2.3:a:haxx:curl:7.13.0:::::::* cpe:2.3:a:haxx:curl:7.13.1:::::::* cpe:2.3:a:haxx:curl:7.13.2:::::::* cpe:2.3:a:haxx:curl:7.14.0:::::::* cpe:2.3:a:haxx:curl:7.14.1:::::::* cpe:2.3:a:haxx:curl:7.15.0:::::::* cpe:2.3:a:haxx:curl:7.15.1:::::::* cpe:2.3:a:haxx:curl:7.15.2:::::::* cpe:2.3:a:haxx:curl:7.15.3:::::::* cpe:2.3:a:haxx:curl:7.15.4:::::::* cpe:2.3:a:haxx:curl:7.15.5:::::::* cpe:2.3:a:haxx:curl:7.16.0:::::::* cpe:2.3:a:haxx:curl:7.16.1:::::::* cpe:2.3:a:haxx:curl:7.16.2:::::::* cpe:2.3:a:haxx:curl:7.16.3:::::::* cpe:2.3:a:haxx:curl:7.16.4:::::::* cpe:2.3:a:haxx:curl:7.17.0:::::::* cpe:2.3:a:haxx:curl:7.17.1:::::::* cpe:2.3:a:haxx:curl:7.18.0:::::::* cpe:2.3:a:haxx:curl:7.18.1:::::::* cpe:2.3:a:haxx:curl:7.18.2:::::::* cpe:2.3:a:haxx:curl:7.19.0:::::::* cpe:2.3:a:haxx:curl:7.19.1:::::::* cpe:2.3:a:haxx:curl:7.19.2:::::::* cpe:2.3:a:haxx:curl:7.19.3:::::::* cpe:2.3:a:haxx:curl:7.19.4:::::::* cpe:2.3:a:haxx:curl:7.19.5:::::::* cpe:2.3:a:haxx:curl:7.19.6:::::::* cpe:2.3:a:haxx:curl:7.19.7:::::::* cpe:2.3:a:haxx:curl:7.20.0:::::::* cpe:2.3:a:haxx:curl:7.20.1:::::::* cpe:2.3:a:haxx:curl:7.21.0:::::::* cpe:2.3:a:haxx:curl:7.21.1:::::::* cpe:2.3:a:haxx:curl:7.21.2:::::::* cpe:2.3:a:haxx:curl:7.21.3:::::::* cpe:2.3:a:haxx:curl:7.21.4:::::::* cpe:2.3:a:haxx:curl:7.21.5:::::::* cpe:2.3:a:haxx:curl:7.21.6:::::::* cpe:2.3:a:haxx:curl:7.21.7:::::::* cpe:2.3:a:haxx:curl:7.22.0:::::::* cpe:2.3:a:haxx:curl:7.23.0:::::::* cpe:2.3:a:haxx:curl:7.23.1:::::::* cpe:2.3:a:haxx:curl:7.24.0:::::::* cpe:2.3:a:haxx:curl:7.25.0:::::::* cpe:2.3:a:haxx:curl:7.26.0:::::::* cpe:2.3:a:haxx:curl:7.27.0:::::::* cpe:2.3:a:haxx:curl:7.28.0:::::::* cpe:2.3:a:haxx:curl:7.28.1:::::::* cpe:2.3:a:haxx:curl:7.29.0:::::::* cpe:2.3:a:haxx:curl:7.30.0:::::::* cpe:2.3:a:haxx:curl:7.31.0:::::::* cpe:2.3:a:haxx:curl:7.32.0:::::::* cpe:2.3:a:haxx:curl:7.33.0:::::::* cpe:2.3:a:haxx:curl:7.34.0:::::::* cpe:2.3:a:haxx:curl:7.35.0:::::::* cpe:2.3:a:haxx:libcurl:7.10.6:::::::* cpe:2.3:a:haxx:libcurl:7.10.7:::::::* cpe:2.3:a:haxx:libcurl:7.10.8:::::::* cpe:2.3:a:haxx:libcurl:7.11.0:::::::* cpe:2.3:a:haxx:libcurl:7.11.1:::::::* cpe:2.3:a:haxx:libcurl:7.11.2:::::::* cpe:2.3:a:haxx:libcurl:7.12.0:::::::* cpe:2.3:a:haxx:libcurl:7.12.1:::::::* cpe:2.3:a:haxx:libcurl:7.12.2:::::::* cpe:2.3:a:haxx:libcurl:7.12.3:::::::* cpe:2.3:a:haxx:libcurl:7.13.0:::::::* cpe:2.3:a:haxx:libcurl:7.13.1:::::::* cpe:2.3:a:haxx:libcurl:7.13.2:::::::* cpe:2.3:a:haxx:libcurl:7.14.0:::::::* cpe:2.3:a:haxx:libcurl:7.14.1:::::::* cpe:2.3:a:haxx:libcurl:7.15.0:::::::* cpe:2.3:a:haxx:libcurl:7.15.1:::::::* cpe:2.3:a:haxx:libcurl:7.15.2:::::::* cpe:2.3:a:haxx:libcurl:7.15.3:::::::* cpe:2.3:a:haxx:libcurl:7.15.4:::::::* cpe:2.3:a:haxx:libcurl:7.15.5:::::::* cpe:2.3:a:haxx:libcurl:7.16.0:::::::* cpe:2.3:a:haxx:libcurl:7.16.1:::::::* cpe:2.3:a:haxx:libcurl:7.16.2:::::::* cpe:2.3:a:haxx:libcurl:7.16.3:::::::* cpe:2.3:a:haxx:libcurl:7.16.4:::::::* cpe:2.3:a:haxx:libcurl:7.17.0:::::::* cpe:2.3:a:haxx:libcurl:7.17.1:::::::* cpe:2.3:a:haxx:libcurl:7.18.0:::::::* cpe:2.3:a:haxx:libcurl:7.18.1:::::::* cpe:2.3:a:haxx:libcurl:7.18.2:::::::* cpe:2.3:a:haxx:libcurl:7.19.0:::::::* cpe:2.3:a:haxx:libcurl:7.19.1:::::::* cpe:2.3:a:haxx:libcurl:7.19.2:::::::* cpe:2.3:a:haxx:libcurl:7.19.3:::::::* cpe:2.3:a:haxx:libcurl:7.19.4:::::::* cpe:2.3:a:haxx:libcurl:7.19.5:::::::* cpe:2.3:a:haxx:libcurl:7.19.6:::::::* cpe:2.3:a:haxx:libcurl:7.19.7:::::::* cpe:2.3:a:haxx:libcurl:7.20.0:::::::* cpe:2.3:a:haxx:libcurl:7.20.1:::::::* cpe:2.3:a:haxx:libcurl:7.21.0:::::::* cpe:2.3:a:haxx:libcurl:7.21.1:::::::* cpe:2.3:a:haxx:libcurl:7.21.2:::::::* cpe:2.3:a:haxx:libcurl:7.21.3:::::::* cpe:2.3:a:haxx:libcurl:7.21.4:::::::* cpe:2.3:a:haxx:libcurl:7.21.5:::::::* cpe:2.3:a:haxx:libcurl:7.21.6:::::::* cpe:2.3:a:haxx:libcurl:7.21.7:::::::* cpe:2.3:a:haxx:libcurl:7.22.0:::::::* cpe:2.3:a:haxx:libcurl:7.23.0:::::::* cpe:2.3:a:haxx:libcurl:7.23.1:::::::* cpe:2.3:a:haxx:libcurl:7.24.0:::::::* cpe:2.3:a:haxx:libcurl:7.25.0:::::::* cpe:2.3:a:haxx:libcurl:7.26.0:::::::* cpe:2.3:a:haxx:libcurl:7.27.0:::::::* cpe:2.3:a:haxx:libcurl:7.28.0:::::::* cpe:2.3:a:haxx:libcurl:7.28.1:::::::* cpe:2.3:a:haxx:libcurl:7.29.0:::::::* cpe:2.3:a:haxx:libcurl:7.30.0:::::::* cpe:2.3:a:haxx:libcurl:7.31.0:::::::* cpe:2.3:a:haxx:libcurl:7.32.0:::::::* cpe:2.3:a:haxx:libcurl:7.33.0:::::::* cpe:2.3:a:haxx:libcurl:7.34.0:::::::* cpe:2.3:a:haxx:libcurl:7.35.0:::::::*

Share on: