4.3
CVSSv2

CVE-2016-8616

Published: 01/08/2018 Updated: 09/10/2019
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 5.9 | Impact Score: 3.6 | Exploitability Score: 2.2
VMScore: 383
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Summary

A flaw was found in curl before version 7.51.0 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections. This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version of the correct password.

Vulnerability Trend

Affected Products

Vendor Product Versions
HaxxCurl6.0, 6.1, 6.2, 6.3, 6.3.1, 6.4, 6.5, 6.5.1, 6.5.2, 7.1, 7.1.1, 7.2, 7.2.1, 7.3, 7.4, 7.4.1, 7.4.2, 7.5, 7.5.1, 7.5.2, 7.6, 7.6.1, 7.7, 7.7.1, 7.7.2, 7.7.3, 7.8, 7.8.1, 7.9, 7.9.1, 7.9.2, 7.9.3, 7.9.4, 7.9.5, 7.9.6, 7.9.7, 7.9.8, 7.10, 7.10.1, 7.10.2, 7.10.3, 7.10.4, 7.10.5, 7.10.6, 7.10.7, 7.10.8, 7.11.0, 7.11.1, 7.11.2, 7.12.0, 7.12.1, 7.12.2, 7.12.3, 7.13.0, 7.13.1, 7.13.2, 7.14.0, 7.14.1, 7.15.0, 7.15.1, 7.15.2, 7.15.3, 7.15.4, 7.15.5, 7.16.0, 7.16.1, 7.16.2, 7.16.3, 7.16.4, 7.17.0, 7.17.1, 7.18.0, 7.18.1, 7.18.2, 7.19.0, 7.19.1, 7.19.2, 7.19.3, 7.19.4, 7.19.5, 7.19.6, 7.19.7, 7.19.7-53, 7.20.0, 7.20.1, 7.21.0, 7.21.1, 7.21.2, 7.21.3, 7.21.4, 7.21.5, 7.21.6, 7.21.7, 7.22.0, 7.23.0, 7.23.1, 7.24.0, 7.25.0, 7.26.0, 7.27.0, 7.28.0, 7.28.1, 7.29.0, 7.30.0, 7.31.0, 7.32.0, 7.33.0, 7.34.0, 7.35.0, 7.36.0, 7.37.0, 7.37.1, 7.38.0, 7.39.0, 7.40.0, 7.41.0, 7.42.0, 7.42.1, 7.43.0, 7.44.0, 7.45.0, 7.46.0, 7.47.0, 7.47.1, 7.48.0, 7.49.0, 7.49.1, 7.50.0, 7.50.1, 7.50.2, 7.50.3

Vendor Advisories

A flaw was found in curl before version 7510 When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reus ...
When re-using a connection, curl was doing case insensitive comparisons of user name and password with the existing connections This means that if an unused connection with proper credentials exists for a protocol that has connection-scoped credentials, an attacker can cause that connection to be reused if s/he knows the case-insensitive version ...
Synopsis Important: Red Hat JBoss Core Services Apache HTTP Server 2429 security update Type/Severity Security Advisory: Important Topic Red Hat JBoss Core Services Pack Apache Server 2429 packages for Microsoft Windows and Oracle Solaris are now availableRed Hat Product Security has rated this release ...
Several security issues were fixed in curl ...
Debian Bug report logs - #836918 curl: CVE-2016-7141: Incorrect reuse of client certificates (nss backend) Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Wed, 7 Sep 2016 08:36:01 UTC Severity: important Tags: patch, sec ...
Arch Linux Security Advisory ASA-201611-10 ========================================== Severity: High Date : 2016-11-03 CVE-ID : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8621 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Package : lib32-libcurl-gnutls Type : multiple issues Remote : Yes ...
Debian Bug report logs - #837945 curl: CVE-2016-7167: escape and unescape integer overflows Package: src:curl; Maintainer for src:curl is Alessandro Ghedini <ghedo@debianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Thu, 15 Sep 2016 19:06:02 UTC Severity: important Tags: fixed-upstream, patch, se ...
Arch Linux Security Advisory ASA-201611-9 ========================================= Severity: High Date : 2016-11-03 CVE-ID : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8619 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Package : libcurl-gnutls Type : multiple issues Remote : Yes Link ...
Arch Linux Security Advisory ASA-201611-5 ========================================= Severity: High Date : 2016-11-02 CVE-ID : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8621 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Package : lib32-libcurl-compat Type : multiple issues Remote : Yes Li ...
Synopsis Moderate: httpd24 security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for httpd24-httpd, httpd24-nghttp2, and httpd24-curl is now available for Red Hat Software CollectionsRed Hat Product Security has rated this update as having a security impact of ...
Arch Linux Security Advisory ASA-201611-4 ========================================= Severity: High Date : 2016-11-02 CVE-ID : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8618 CVE-2016-8619 CVE-2016-8621 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Package : lib32-curl Type : multiple issues Remote : Yes Link : ht ...
Arch Linux Security Advisory ASA-201611-7 ========================================= Severity: High Date : 2016-11-03 CVE-ID : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8619 CVE-2016-8620 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Package : curl Type : multiple issues Remote : Yes Link ...
Arch Linux Security Advisory ASA-201611-8 ========================================= Severity: High Date : 2016-11-03 CVE-ID : CVE-2016-8615 CVE-2016-8616 CVE-2016-8617 CVE-2016-8619 CVE-2016-8621 CVE-2016-8622 CVE-2016-8623 CVE-2016-8624 CVE-2016-8625 Package : libcurl-compat Type : multiple issues Remote : Yes Link ...
This build resolves the following issues: CVE-2016-8615 : Cookie injection for other serversCVE-2016-8616 : Case insensitive password comparisonCVE-2016-8617 : Out-of-bounds write via unchecked multiplicationCVE-2016-8618 : Double-free in curl_maprintfCVE-2016-8619 : Double-free in krb5 codeCVE-2016-8620 : Glob parser write/read out of boundsCVE-20 ...
About Apple security updatesFor our customers' protection, Apple doesn't disclose, discuss, or confirm security issues until an investigation has occurred and patches or releases are available Recent releases are listed on the Apple security updates page For more information about security, see the Apple Product Security page You can encrypt ...
Oracle Solaris Third Party Bulletin - January 2017 Description The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions Starting January 20, 2015, Third Party Bulletins are released on the same day when Oracle Critical Patch Up ...
Oracle Critical Patch Update Advisory - October 2018 Description A Critical Patch Update is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previou ...
Oracle Critical Patch Update Advisory - April 2017 Description A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities Critical Patch Update patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical Patch Update advisory Thus ...
LCE 481 is possibly impacted by multiple vulnerabilities reported in third-party libraries Tenable has not investigated each one to determine if it is exploitable or the vulnerable code path can be reached Instead, Dev has upgraded the impacted libraries as a faster and safer alternative Due to the number of library upgrades and the potential ...