CVE-2017-2628
Published 2018-03-12
Priority P3 40 · critical 9.8 · CVSS 3.0
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS: 0.83% (75.1th percentile)
curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not correctly backport the fix for CVE-2015-3148 because it did not reflect the fact that the HAVE_GSSAPI define was meanwhile substituted by USE_HTTP_NEGOTIATE. This issue was introduced in RHEL 6.7 and affects RHEL 6 curl only.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | curl | — | — |
| haxx | curl | — | — |
CVSS provenance
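| Source | CVSS version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.0 | 9.8 | CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| nvd | v2.0 | 7.5 | HIGH | AV:N/AC:L/Au:N/C:P/I:P/A:P |
| vendor_debian | — | 5.0 | LOW | — |
| vendor_redhat | — | 5.0 | MEDIUM | — |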
Red Hat
curl: negotiate not treated as connection-oriented (incomplete fix for CVE-2015-3148)
vendor_redhat · 2017-03-29 · CVSS 5.0
CVE-2017-2628 [MEDIUM] CWE-287
It was found that the fix for CVE-2015-3148 in curl was incomplete. An application using libcurl with HTTP Negotiate authentication could incorrectly re-use credentials for subsequent requests to the same server.
Package: curl (Red Hat Ceph Storage 2) - Not affected
Package: curl (Red Hat Enterprise Linux 5) - Not affected
Package: curl (Red Hat Enterprise Linux 7) - Not affected
Package: mingw-vir
Debian
CVE-2017-2628: curl - curl, as shipped in Red Hat Enterprise Linux 6 before version 7.19.7-53, did not...
vendor_debian · 2017 · CVSS 5.0
CVE-2017-2628 [MEDIUM]
Scope: local
bookworm: resolved
bullseye: resolved
forky: resolved
sid: resolved
trixie: resolved
GHSA
GHSA-9v4c-xqrp-4vv9: curl, as shipped in Red Hat Enterprise Linux 6 before version 7
ghsa_unreviewed · 2022-05-13 · CVSS 5.0
CVE-2017-2628 [MEDIUM] CWE-287
No detection rules found.
No public exploits indexed.