CVE-2011-2192
Published 2011-07-07
Priority: P4 · 27 · CVSS 2.0: 4.3 (medium)
Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N
EPSS: 2.99% (85.6th percentile)
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.
Affected (16 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| apple | mac_os_x | < 10.7.3 | 10.7.3 |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | curl | < curl 7.21.6-2 (bookworm) | curl 7.21.6-2 (bookworm) |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| fedoraproject | fedora | — | — |
| fedoraproject | fedora | — | — |
| haxx | curl | >= 0 < 7.21.6-2 | 7.21.6-2 |
| haxx | curl | >= 0 < 7.21.6-2 | 7.21.6-2 |
| haxx | curl | >= 0 < 7.21.6-2 | 7.21.6-2 |
| haxx | curl | >= 0 < 7.21.6-2 | 7.21.6-2 |
| haxx | libcurl | 7.10.6 – 7.21.6 | — |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v2.0) | 4.3 | MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:N |
| osv | 4.3 | MEDIUM | — |
| vendor_ubuntu | 7.5 | HIGH | — |
| vendor_debian | 4.3 | HIGH | — |
| vendor_redhat | 4.3 | MEDIUM | — |
Ubuntu
vendor_ubuntu · 2011-06-24 · CVSS 7.5
CVE-2009-2417 [HIGH] curl vulnerabilities
Title: curl vulnerabilities
Summary: Multiple vulnerabilities in curl.
Richard Silverman discovered that when doing GSSAPI authentication, libcurl unconditionally performs credential delegation, handing the server a copy of the client's security credential. (CVE-2011-2192)
Wesley Miaw discovered that when zlib is enabled, libcurl does not properly restrict the amount of callback data sent to an application that requests automatic decompression. This might allow an attacker to cause a denial of service via an application crash or possibly execute arbitrary code with the privilege of the application. This issue only affected Ubuntu 8.04 LTS and Ubuntu 10.04 LTS. (CVE-2010-0734)
USN 818-1 fixed an issue with curl's handling of SSL certificates with zero bytes in the Common Name. Due to a
Red Hat
vendor_redhat · 2011-06-23 · CVSS 4.3
CVE-2011-2192 [MEDIUM] curl: Improper delegation of client credentials during GSS negotiation
Debian
vendor_debian · 2011 · CVSS 4.3
CVE-2011-2192 [MEDIUM] curl - The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through ...
Scope: local
bookworm: resolved (fixed in 7.21.6-2)
bullseye: resolved (fixed in 7.21.6-2)
forky: resolved (fixed in 7.21.6-2)
sid: resolved (fixed in 7.21.6-2)
trixie: resolved (fixed in 7.21.6-2)
GHSA
ghsa_unreviewed · 2022-05-13
CVE-2011-2192 [MEDIUM] GHSA-2jvc-33pv-cq2m: The Curl_input_negotiate function in http_negotiate
OSV
osv · 2011-07-07 · CVSS 4.3
CVE-2011-2192 [MEDIUM] CVE-2011-2192: The Curl_input_negotiate function in http_negotiate
No detection rules found.
No public exploits indexed.
Bugzilla
bugzilla · 2011-06-23 · CVSS 4.3
CVE-2011-2192 [MEDIUM] CVE-2011-2192 curl: Improper delegation of client credentials during GSS negotiation [fedora-all]
This is an automatically created tracking bug! It was created to ensure that one or more security vulnerabilities are fixed in affected Fedora versions.
For comments that are specific to the vulnerability please use bugs filed against "Security Response" product referenced in the "Blocks" field.
For more information see: http://fedoraproject.org/wiki/Security/TrackingBugs
When creating a Bodhi update request, please include the bug IDs of the respective parent bugs filed against the "Security Response" product. Please mention CVE ids in the RPM changelog when available.
Bodhi update submission link: https://admin.fedoraproject.org/updates/new/?type_=security&bugs=711454
Please note: this
Bugzilla
bugzilla · 2011-06-07 · CVSS 4.3
CVE-2011-2192 [MEDIUM] CVE-2011-2192 curl: Improper delegation of client credentials during GSS negotiation
It was found that cURL performed client credentials delegation during the client-to-server GSS security mechanisms negotiation. A remote, rogue server could use this flaw to impersonate the cURL client (victim) against the correct (originally intended) server, potentially leading to denial of cURL tool services for victim client.
Discussion:
This issue affects the versions of the curl package, as shipped with Red Hat Enterprise Linux 4, 5, and 6.
--
This issue affects the versions of the curl package, as shipped with Fedora release of 13, 14, and 15.
---
Public now via:
[1] http://curl.haxx.se/docs/adv_20110623.html
---
Created curl tracking bugs for this issue
Affects: fedora-all [bug 715553]
-
References
http://curl.haxx.se/curl-gssapi-delegation.patch
http://curl.haxx.se/docs/adv_20110623.html
http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-July/062287.html
http://lists.fedoraproject.org/pipermail/package-announce/2011-June/061992.html
http://secunia.com/advisories/45047
http://secunia.com/advisories/45067
http://secunia.com/advisories/45088
http://secunia.com/advisories/45144
http://secunia.com/advisories/45181
http://secunia.com/advisories/48256
http://security.gentoo.org/glsa/glsa-201203-02.xml
http://support.apple.com/kb/HT5130
http://www.debian.org/security/2011/dsa-2271
http://www.mandriva.com/security/advisories?name=MDVSA-2011:116
http://www.redhat.com/support/errata/RHSA-2011-0918.html
http://www.securitytracker.com/id?1025713
http://www.ubuntu.com/usn/USN-1158-1
https://bugzilla.redhat.com/show_bug.cgi?id=711454