CVE-2016-5420

curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
VendorProductVersion
debiandebian_linux
8.0
haxxlibcurl
𝑥
≤ 7.50.0
opensuseleap
42.1
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
curl
bullseye
7.74.0-1.3+deb11u13
fixed
bullseye (security)
7.74.0-1.3+deb11u11
fixed
bookworm
7.88.1-10+deb12u7
fixed
bookworm (security)
7.88.1-10+deb12u5
fixed
sid
8.10.1-2
fixed
trixie
8.10.1-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
curl
zesty
not-affected
yakkety
not-affected
xenial
Fixed 7.47.0-1ubuntu2.1
released
trusty
Fixed 7.35.0-1ubuntu2.8
released
precise
Fixed 7.22.0-3ubuntu4.16
released
Common Weakness Enumeration
References
http://lists.opensuse.org/opensuse-updates/2016-09/msg00011.html
http://lists.opensuse.org/opensuse-updates/2016-09/msg00094.html
http://rhn.redhat.com/errata/RHSA-2016-2575.html
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://www.debian.org/security/2016/dsa-3638
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/92309
http://www.securitytracker.com/id/1036537
http://www.securitytracker.com/id/1036739
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.563059
http://www.ubuntu.com/usn/USN-3048-1
https://access.redhat.com/errata/RHSA-2018:3558
https://curl.haxx.se/docs/adv_20160803B.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLPXQQKURBQFM4XM6645VRPTOE2AWG33/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3GQH4V3XAQ5Z53AMQRDEC3C3UHTW7QR/
https://security.gentoo.org/glsa/201701-47
https://source.android.com/security/bulletin/2016-12-01.html
https://www.tenable.com/security/tns-2016-18
http://lists.opensuse.org/opensuse-updates/2016-09/msg00011.html
http://lists.opensuse.org/opensuse-updates/2016-09/msg00094.html
http://rhn.redhat.com/errata/RHSA-2016-2575.html
http://rhn.redhat.com/errata/RHSA-2016-2957.html
http://www.debian.org/security/2016/dsa-3638
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
http://www.securityfocus.com/bid/92309
http://www.securitytracker.com/id/1036537
http://www.securitytracker.com/id/1036739
http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.563059
http://www.ubuntu.com/usn/USN-3048-1
https://access.redhat.com/errata/RHSA-2018:3558
https://curl.haxx.se/docs/adv_20160803B.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLPXQQKURBQFM4XM6645VRPTOE2AWG33/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3GQH4V3XAQ5Z53AMQRDEC3C3UHTW7QR/
https://security.gentoo.org/glsa/201701-47
https://source.android.com/security/bulletin/2016-12-01.html
https://www.tenable.com/security/tns-2016-18