CVE-2014-8151

Current Description

The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.

Evaluator Description

CWE-295: Improper Certificate Validation

Basic Data

PublishedJanuary 15, 2015
Last ModifiedJuly 01, 2017
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-Other
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:N/C:P/I:P/A:N
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationNONE
CVSS 2 - Confidentiality ImpactPARTIAL
CVSS 2 - Availability ImpactNONE
CVSS 2 - Base Score5.8
SeverityMEDIUM
Exploitability Score8.6
Impact Score4.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSAppleMac Os X********10.10.4
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationHaxxLibcurl7.31.0*******
    2.3ApplicationHaxxLibcurl7.32.0*******
    2.3ApplicationHaxxLibcurl7.33.0*******
    2.3ApplicationHaxxLibcurl7.34.0*******
    2.3ApplicationHaxxLibcurl7.35.0*******
    2.3ApplicationHaxxLibcurl7.36.0*******
    2.3ApplicationHaxxLibcurl7.37.0*******
    2.3ApplicationHaxxLibcurl7.37.1*******
    2.3ApplicationHaxxLibcurl7.38.0*******
    2.3ApplicationHaxxLibcurl7.39*******

Vulnerable Software List

VendorProductVersions
Apple Mac Os X *
Haxx Libcurl 7.31.0, 7.32.0, 7.33.0, 7.34.0, 7.35.0, 7.36.0, 7.37.0, 7.37.1, 7.38.0, 7.39

References

NameSourceURLTags
http://curl.haxx.se/docs/adv_20150108A.htmlhttp://curl.haxx.se/docs/adv_20150108A.htmlCONFIRMVendor Advisory
http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743CONFIRM
APPLE-SA-2015-08-13-2http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.htmlAPPLE
61925http://secunia.com/advisories/61925SECUNIA
GLSA-201701-47https://security.gentoo.org/glsa/201701-47GENTOO
https://support.apple.com/kb/HT205031https://support.apple.com/kb/HT205031CONFIRM