CVE-2014-8151
Current Description
The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
Evaluator Description
CWE-295: Improper Certificate Validation
Basic Data
| Published | January 15, 2015 |
|---|
| Last Modified | July 01, 2017 |
|---|
| Assigner | cve@mitre.org |
|---|
| Data Type | CVE |
|---|
| Data Format | MITRE |
|---|
| Data Version | 4.0 |
|---|
| Problem Type | NVD-CWE-Other |
|---|
| CVE Data Version | 4.0 |
|---|
Base Metric V2
| CVSS 2 - Version | 2.0 |
|---|
| CVSS 2 - Vector String | AV:N/AC:M/Au:N/C:P/I:P/A:N |
|---|
| CVSS 2 - Access Vector | NETWORK |
|---|
| CVSS 2 - Access Complexity | MEDIUM |
|---|
| CVSS 2 - Authentication | NONE |
|---|
| CVSS 2 - Confidentiality Impact | PARTIAL |
|---|
| CVSS 2 - Availability Impact | NONE |
|---|
| CVSS 2 - Base Score | 5.8 |
|---|
| Severity | MEDIUM |
|---|
| Exploitability Score | 8.6 |
|---|
| Impact Score | 4.9 |
|---|
| Obtain All Privilege | false |
|---|
| Obtain User Privilege | false |
|---|
| Obtain Other Privilege | false |
|---|
Base Metric V3
No data provided.
Configurations
-
OR - Configuration 1
| Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
|---|
| 2.3 | OS | Apple | Mac Os X | * | * | * | * | * | * | * | * | � | 10.10.4 | � | � |
-
OR - Configuration 2
| Cpe Version | Part | Vendor | Product | Version | Update | Edition | Language | SW Edition | Target SW | Target HW | Other | Version Start Including | Version End Including | Version Start Excluding | Version End Excluding |
|---|
| 2.3 | Application | Haxx | Libcurl | 7.31.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.32.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.33.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.34.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.35.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.36.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.37.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.37.1 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.38.0 | * | * | * | * | * | * | * | � | � | � | � |
| 2.3 | Application | Haxx | Libcurl | 7.39 | * | * | * | * | * | * | * | � | � | � | � |
Vulnerable Software List
| Vendor | Product | Versions |
| Apple
|
Mac Os X |
* |
| Haxx
|
Libcurl |
7.31.0, 7.32.0, 7.33.0, 7.34.0, 7.35.0, 7.36.0, 7.37.0, 7.37.1, 7.38.0, 7.39 |
References
| Name | Source | URL | Tags |
|---|
| http://curl.haxx.se/docs/adv_20150108A.html | http://curl.haxx.se/docs/adv_20150108A.html | CONFIRM | Vendor Advisory |
| http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743 | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743 | CONFIRM | |
| APPLE-SA-2015-08-13-2 | http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html | APPLE | |
| 61925 | http://secunia.com/advisories/61925 | SECUNIA | |
| GLSA-201701-47 | https://security.gentoo.org/glsa/201701-47 | GENTOO | |
| https://support.apple.com/kb/HT205031 | https://support.apple.com/kb/HT205031 | CONFIRM | |
Follow @discotekdotca