Unrated severityNVD Advisory· Published Jul 7, 2011· Updated Jun 16, 2026
CVE-2011-2192
CVE-2011-2192
Description
The Curl_input_negotiate function in http_negotiate.c in libcurl 7.10.6 through 7.21.6, as used in curl and other products, always performs credential delegation during GSSAPI authentication, which allows remote servers to impersonate clients via GSSAPI requests.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
13cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*+ 3 more
- cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:10.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:11.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:8.04:*:*:*:lts:*:*:*
cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:fedoraproject:fedora:14:*:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:15:*:*:*:*:*:*:*
Patches
Vulnerability mechanics
References
19- curl.haxx.se/docs/adv_20110623.htmlnvdVendor Advisory
- lists.apple.com/archives/security-announce/2012/Feb/msg00000.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-July/062287.htmlnvdMailing ListThird Party Advisory
- lists.fedoraproject.org/pipermail/package-announce/2011-June/061992.htmlnvdMailing ListThird Party Advisory
- secunia.com/advisories/45047nvdThird Party Advisory
- secunia.com/advisories/45067nvdThird Party Advisory
- secunia.com/advisories/45088nvdThird Party Advisory
- secunia.com/advisories/45144nvdThird Party Advisory
- secunia.com/advisories/45181nvdThird Party Advisory
- secunia.com/advisories/48256nvdThird Party Advisory
- security.gentoo.org/glsa/glsa-201203-02.xmlnvdThird Party Advisory
- support.apple.com/kb/HT5130nvdThird Party Advisory
- www.debian.org/security/2011/dsa-2271nvdThird Party Advisory
- www.mandriva.com/security/advisoriesnvdThird Party Advisory
- www.redhat.com/support/errata/RHSA-2011-0918.htmlnvdThird Party Advisory
- www.securitytracker.com/idnvdThird Party AdvisoryVDB Entry
- www.ubuntu.com/usn/USN-1158-1nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- curl.haxx.se/curl-gssapi-delegation.patchnvdBroken Link
News mentions
0No linked articles in our index yet.