FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

curl -- Credentials not checked

Affected packages
7.10.0 <= curl < 7.47.0

Details

VuXML ID 8b27f1bc-c509-11e5-a95f-b499baebfeaf
Discovery 2016-01-27
Entry 2016-01-27
Modified 2017-02-06

The cURL project reports:

libcurl will reuse NTLM-authenticated proxy connections without properly making sure that the connection was authenticated with the same credentials as set for this transfer.

References

CVE Name CVE-2016-0755
URL http://curl.haxx.se/docs/adv_20160127A.html