Bug 711454 (CVE-2011-2192)

Summary: CVE-2011-2192 curl: Improper delegation of client credentials during GSS negotiation
Product: [Other] Security Response
Reporter: Jan Lieskovsky <jlieskov>
Component: vulnerability
Assignee: Red Hat Product Security <security-response-team>
Status: CLOSED ERRATA
Severity: medium
Priority: medium
Version: unspecified
CC: atkac, kdudka, nalin, ovasik, prc, rcritten, security-response-team
Target Milestone: ---
Keywords: Security
Target Release: ---
Hardware: All
OS: Linux
Doc Type: Bug Fix
Story Points: ---
Last Closed: 2011-07-05 22:00:18 UTC
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
Verified Versions: ---
Category: ---
oVirt Team: ---
Cloudforms Team: ---
Bug Depends On: 714892, 714894, 714895, 714896, 714897, 715553
Bug Blocks: 712351

Description Jan Lieskovsky 2011-06-07 14:38:56 UTC
It was found that cURL performed client credentials delegation during the
client-to-server GSS security mechanisms negotiation. A remote, rogue
server could use this flaw to impersonate the cURL client (victim) against
the correct (originally intended) server, potentially leading to denial
of cURL tool services for the victim client.

Comment 2 Jan Lieskovsky 2011-06-07 14:43:09 UTC
This issue affects the versions of the curl package, as shipped with
Red Hat Enterprise Linux 4, 5, and 6.

This issue affects the versions of the curl package, as shipped with
Fedora releases 13, 14, and 15.

Comment 15 Jan Lieskovsky 2011-06-23 10:23:11 UTC
Public now via:
[1] http://curl.haxx.se/docs/adv_20110623.html

Comment 16 Jan Lieskovsky 2011-06-23 10:26:56 UTC
Created curl tracking bugs for this issue

Affects: fedora-all [bug 715553]

Comment 17 errata-xmlrpc 2011-07-05 17:57:13 UTC
This issue has been addressed in the following products:

  Red Hat Enterprise Linux 4
  Red Hat Enterprise Linux 5
  Red Hat Enterprise Linux 6

Via RHSA-2011:0918 https://rhn.redhat.com/errata/RHSA-2011-0918.html