Vulnerability Description
The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS session validated the certificate when reusing the session, which allows man-in-the-middle attackers to spoof servers via a crafted certificate.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Apple | Mac Os X | <= 10.10.4 |
| Haxx | Libcurl | 7.31.0 |
References
- http://curl.haxx.se/docs/adv_20150108A.htmlVendor Advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- http://secunia.com/advisories/61925
- https://security.gentoo.org/glsa/201701-47
- https://support.apple.com/kb/HT205031
- http://curl.haxx.se/docs/adv_20150108A.htmlVendor Advisory
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10743
- http://lists.apple.com/archives/security-announce/2015/Aug/msg00001.html
- http://secunia.com/advisories/61925
- https://security.gentoo.org/glsa/201701-47
- https://support.apple.com/kb/HT205031
FAQ
What is CVE-2014-8151?
CVE-2014-8151 is a vulnerability with a CVSS score of 5.8 (MEDIUM). The darwinssl_connect_step1 function in lib/vtls/curl_darwinssl.c in libcurl 7.31.0 through 7.39.0, when using the DarwinSSL (aka SecureTransport) back-end for TLS, does not check if a cached TLS sess...
How severe is CVE-2014-8151?
CVE-2014-8151 has been rated MEDIUM with a CVSS base score of 5.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-8151?
Check the references section above for vendor advisories and patch information. Affected products include: Apple Mac Os X, Haxx Libcurl.