
CVE-2016-7141

Published: 03/10/2016 Updated: 13/11/2018
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N

Vulnerability Summary

curl and libcurl prior to 7.50.2, when built with NSS and the libnsspem.so library is available at runtime, allow remote malicious users to hijack the authentication of a TLS connection by leveraging reuse of a previously loaded client certificate from file for a connection for which no certificate has been set, a different vulnerability than CVE-2016-5420.

Vulnerable Products

opensuse leap 42.1
haxx libcurl

Vendor Advisories

Several security issues were fixed in curl ...
Debian Bug report logs - #836918 curl: CVE-2016-7141: Incorrect reuse of client certificates (nss backend). Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Wed, 7 Sep 2016 08:36:01 UTC; Severity: important; Tags: patch, sec ...
Debian Bug report logs - #837945 curl: CVE-2016-7167: escape and unescape integer overflows. Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debian.org>; Reported by: Salvatore Bonaccorso <carnil@debian.org>; Date: Thu, 15 Sep 2016 19:06:02 UTC; Severity: important; Tags: fixed-upstream, patch, se ...
Synopsis: Moderate: curl security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for curl is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System ( ...
Synopsis: Moderate: httpd24 security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software Collections. Red Hat Product Security has rated this update as having a security impact of ...
Synopsis: Important: Red Hat JBoss Core Services Apache HTTP 2.4.23 Release. Type/Severity: Security Advisory: Important. Topic: Red Hat JBoss Core Services httpd 2.4.23 is now available from the Red Hat Customer Portal for Solaris and Microsoft Windows systems. Red Hat Product Security has rated this release as ...
After testing the original CVE-2016-5420 patch, it was discovered that libcurl built on top of NSS (Network Security Services) still incorrectly re-uses client certificates if a certificate from file is used for one TLS connection but no certificate is set for a subsequent TLS connection ...
It was found that the libcurl library using the NSS (Network Security Services) library as its TLS/SSL backend incorrectly re-used client certificates for subsequent TLS connections in certain cases. An attacker could potentially use this flaw to hijack the authentication of the connection by leveraging a previously created connection with a different ...