CVE-2012-4545
EPSS 0.47%elinks - programming error
發布日:2013/1/3修改日:2026/4/28
也稱為:DEBIAN-CVE-2012-4545
描述
The http_negotiate_create_context function in protocol/http/http_negotiate.c in ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate authentication, delegates user credentials through GSSAPI, which allows remote servers to authenticate as the client via the delegated credentials.
受影響套件(2)
- Debian/elinksfrom 0, < 0.12~pre5-9
- Debian/elinksfrom 0, < 0.12~pre5-2+squeeze1