CVE-2016-5420
First published: Mon Aug 01 2016(Updated: )
curl and libcurl before 7.50.1 do not check the client certificate when choosing the TLS connection to reuse, which might allow remote attackers to hijack the authentication of the connection by leveraging a previously created connection with a different client certificate.
Credit: secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/curl | <0:7.29.0-35.el7 | 0:7.29.0-35.el7 |
| redhat/httpd24-curl | <0:7.61.1-1.el6 | 0:7.61.1-1.el6 |
| redhat/httpd24-httpd | <0:2.4.34-7.el6 | 0:2.4.34-7.el6 |
| redhat/httpd24-nghttp2 | <0:1.7.1-7.el6 | 0:1.7.1-7.el6 |
| redhat/httpd24-curl | <0:7.61.1-1.el7 | 0:7.61.1-1.el7 |
| redhat/httpd24-httpd | <0:2.4.34-7.el7 | 0:2.4.34-7.el7 |
| redhat/httpd24-nghttp2 | <0:1.7.1-7.el7 | 0:1.7.1-7.el7 |
| redhat/curl | <7.50.1 | 7.50.1 |
| Android | ||
| Debian Linux | =8.0 | |
| libcurl | <=7.50.0 | |
| SUSE Linux | =42.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://www.cve.org/CVERecord?id=CVE-2016-5420 https://nvd.nist.gov/vuln/detail/CVE-2016-5420 https://curl.haxx.se/docs/adv_20160803B.html
- https://bugzilla.redhat.com/show_bug.cgi?id=1362190
- https://access.redhat.com/errata/RHSA-2016:2575
- https://access.redhat.com/errata/RHSA-2016:2957
- https://access.redhat.com/errata/RHSA-2018:3558
- https://access.redhat.com/security/cve/CVE-2016-5420
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00011.html
- http://lists.opensuse.org/opensuse-updates/2016-09/msg00094.html
- http://rhn.redhat.com/errata/RHSA-2016-2575.html
- http://rhn.redhat.com/errata/RHSA-2016-2957.html
- http://www.debian.org/security/2016/dsa-3638
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.securityfocus.com/bid/92309
- http://www.securitytracker.com/id/1036537
- http://www.securitytracker.com/id/1036739
- http://www.slackware.com/security/viewer.php?l=slackware-security&y=2016&m=slackware-security.563059
- http://www.ubuntu.com/usn/USN-3048-1
- https://curl.haxx.se/docs/adv_20160803B.html
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GLPXQQKURBQFM4XM6645VRPTOE2AWG33/
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3GQH4V3XAQ5Z53AMQRDEC3C3UHTW7QR/
- https://security.gentoo.org/glsa/201701-47
- https://source.android.com/security/bulletin/2016-12-01.html
- https://www.tenable.com/security/tns-2016-18
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1363642
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1363643
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1363644
- https://rhn.redhat.com/errata/RHSA-2016-2575.html
- https://rhn.redhat.com/errata/RHSA-2016-2957.html
- https://source.android.com/docs/security/bulletin/2016-12-01 (Advisory)
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/GLPXQQKURBQFM4XM6645VRPTOE2AWG33/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3GQH4V3XAQ5Z53AMQRDEC3C3UHTW7QR/
Parent vulnerabilities
(Appears in the following advisories)
Frequently Asked Questions
What is the severity of CVE-2016-5420?
CVE-2016-5420 has been classified as a medium severity vulnerability.
How do I fix CVE-2016-5420?
To address CVE-2016-5420, upgrade curl and libcurl to version 7.50.1 or later.
What software is affected by CVE-2016-5420?
CVE-2016-5420 affects curl and libcurl versions prior to 7.50.1 across various distributions.
Can CVE-2016-5420 allow for remote attacks?
Yes, CVE-2016-5420 may allow remote attackers to hijack authentication of connections.
What authentication mechanism is vulnerable in CVE-2016-5420?
CVE-2016-5420 involves a vulnerability in the TLS connection mechanism related to client certificates.
- collector/redhat-cve
- agent/type
- agent/first-publish-date
- agent/author
- agent/weakness
- agent/remedy
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2016-5420
- agent/software-canonical-lookup
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/event
- agent/last-modified-date
- agent/trending
- agent/source
- collector/android-source
- source/Android
- agent/software-canonical-lookup-request
- agent/softwarecombine
- agent/tags
- collector/nvd-index
- package-manager/redhat
- vendor/google
- canonical/android
- vendor/debian
- canonical/debian linux
- version/debian linux/8.0
- vendor/haxx
- canonical/libcurl
- version/libcurl/7.50.0
- vendor/opensuse
- canonical/suse linux
- version/suse linux/42.1