[1]CVE

   [2](BUTTON) CVE List▾
   [3]CVE List Search [4]Search Tips [5]CVE Request Web Form [6]Web Form Help [7]PGP
   Key [8]CVE List Documents & Guidance [9]Terms of Use

   [10](BUTTON) CNAs▾
   [11]CVE Numbering Authorities (CNAs) [12]Participating CNAs [13]CNA Documents,
   Policies & Guidance [14]CNA Rules, Version 3.0 [15]New CNA Onboarding [16]Slides
   & Videos [17]How to Become a CNA

   [18](BUTTON) WGs▾
   [19]CVE Working Groups [20]Automation (AWG) [21]CNA Coordination (CNACWG)
   [22]Outreach and Communications (OCWG) [23]CVE Quality (QWG) [24]Strategic
   Planning (SPWG) [25]Tactical (TWG)

   [26](BUTTON) Board▾
   [27]CVE Board [28]Members [29]Email Archives [30]Meeting Archives [31]Board
   Charter

   [32](BUTTON) About▾
   [33]About CVE [34]Professional Code of Conduct [35]CVE & NVD Relationship
   [36]History [37]Sponsor [38]Documentation & Guidance [39]FAQs [40]Terminology

   [41](BUTTON) News & Blog▾
   [42]Latest CVE News [43]Blog [44]Podcast [45]Calendar [46]Archive [47]Follow CVE
   [48]Free CVE Newsletter [49]CVEnew Twitter Feed Twitter [50]CVEannounce Twitter
   Feed Twitter [51]CVE on Medium Medium [52]CVE on LinkedIn LinkedIn [53]CVEProject
   on GitHub GitHub [54]CVE on YouTube YouTube


   [55]Search CVE List

   [56]Downloads

   [57]Data Feeds

   [58]Update a CVE Record

   [59]Request CVE IDs


   TOTAL CVE Records: [60]233151
   NOTICE: Transition to the all-new CVE website at [61]WWW.CVE.ORG and [62]CVE
   Record Format JSON are underway.
   NOTICE: Legacy CVE download formats [63]deprecation is now underway and will end
   on June 30, 2024.
   New CVE List download format is [64]available now.

   [65]Home > [66]CVE > CVE-2012-4545

   ¿

   CVE-ID

CVE-2012-4545

   [67]Learn more at National Vulnerability Database (NVD)
   o CVSS Severity Rating o Fix Information o Vulnerable Software Versions o SCAP
   Mappings o CPE Information
   Description
   The http_negotiate_create_context function in protocol/http/http_negotiate.c in
   ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate
   authentication, delegates user credentials through GSSAPI, which allows remote
   servers to authenticate as the client via the delegated credentials.
   References
   Note: [68]References are provided for the convenience of the reader to help
   distinguish between vulnerabilities. The list is not intended to be complete.
     * [69]MISC:51569
     * [70]URL:http://secunia.com/advisories/51569
     * [71]MISC:57065
     * [72]URL:http://www.securityfocus.com/bid/57065
     * [73]MISC:DSA-2592
     * [74]URL:http://www.debian.org/security/2012/dsa-2592
     * [75]MISC:MDVSA-2013:075
     * URL:[DEL: http://www.mandriva.com/security/advisories?name=MDVSA-2013:075
       :DEL] (Obsolete source)
     * [76]MISC:RHSA-2013:0250
     * [77]URL:http://rhn.redhat.com/errata/RHSA-2013-0250.html
     * [78]MISC:elinks-httpnegotiate-security-bypass(80882)
     * [79]URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/80882
     * [80]MISC:http://bugzilla.elinks.cz/show_bug.cgi?id=1124
     * [81]URL:http://bugzilla.elinks.cz/show_bug.cgi?id=1124
     * [82]MISC:http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0
       c6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/htt
       p_negotiate.c
     * [83]URL:http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0c
       6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/http
       _negotiate.c

   Assigning CNA
   Red Hat, Inc.
   Date Record Created
   20120821 Disclaimer: The [84]record creation date may reflect when the CVE ID was
   allocated or reserved, and does not necessarily indicate when this vulnerability
   was discovered, shared with the affected vendor, publicly disclosed, or updated
   in CVE.
   Phase (Legacy)
   Assigned (20120821)
   Votes (Legacy)
   Comments (Legacy)

   Proposed (Legacy)
   N/A
   This is an record on the [85]CVE List, which provides common identifiers for
   publicly known cybersecurity vulnerabilities.
   Search CVE Using Keywords:   ____________________ Submit
   You can also search by reference using the [86]CVE Reference Maps.
   For More Information:  [87]CVE Request Web Form (select "Other" from dropdown)
   [88]Back to top

   [89]Site Map | [90]Terms of Use | [91]Privacy Policy | [92]Contact Us | Follow
   CVE  [93]Twitter [94]LinkedIn [95]GitHub [96]YouTube [97]Medium       [98]Search
   CVE Website

   Use of the CVE® List and the associated references from this website are subject
   to the [99]terms of use. CVE is sponsored by the [100]U.S. Department of Homeland
   Security (DHS) [101]Cybersecurity and Infrastructure Security Agency (CISA).
   Copyright © 1999-2024, [102]The MITRE Corporation. CVE and the CVE logo are
   registered trademarks of The MITRE Corporation.

References

   Visible links:
   1. https://cve.mitre.org/index.html
   2. https://www.cve.org/
   3. https://cve.mitre.org/cve/search_cve_list.html
   4. https://cve.mitre.org/find/search_tips.html
   5. https://cveform.mitre.org/
   6. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_form
   7. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_formweb_form_encrypt_requests
   8. https://www.cve.org/ResourcesSupport/Resources
   9. https://www.cve.org/Legal/TermsOfUse
  10. https://www.cve.org/ProgramOrganization/CNAs
  11. https://www.cve.org/ProgramOrganization/CNAs
  12. https://www.cve.org/PartnerInformation/ListofPartners
  13. https://www.cve.org/ResourcesSupport/Resources#CVENumberingAuthorities
  14. https://www.cve.org/ResourcesSupport/AllResources/CNARules
  15. https://www.cve.org/PartnerInformation/Partner#CNA
  16. https://www.cve.org/ResourcesSupport/Resources#cnaOnboarding
  17. https://www.cve.org/PartnerInformation/Partner#HowToBecomeAPartner
  18. https://www.cve.org/ProgramOrganization/WorkingGroups
  19. https://www.cve.org/ProgramOrganization/WorkingGroups
  20. https://www.cve.org/ProgramOrganization/WorkingGroups#AutomationWorkingGroupAWG
  21. https://www.cve.org/ProgramOrganization/WorkingGroups#CNACoordinationWorkingGroupCNACWG
  22. https://www.cve.org/ProgramOrganization/WorkingGroups#OutreachandCommunicationsWorkingGroupOCWG
  23. https://www.cve.org/ProgramOrganization/WorkingGroups#QualityWorkingGroupQWG
  24. https://www.cve.org/ProgramOrganization/WorkingGroups#StrategicPlanningWorkingGroupSPWG
  25. https://www.cve.org/ProgramOrganization/WorkingGroups#TacticalWorkingGroup
  26. https://www.cve.org/ProgramOrganization/Board
  27. https://www.cve.org/ProgramOrganization/Board
  28. https://www.cve.org/ProgramOrganization/Board#Members
  29. https://cve.mitre.org/community/board/archive.html#board_mail_list_archive
  30. https://cve.mitre.org/community/board/archive.html#meeting_summaries
  31. https://www.cve.org/ProgramOrganization/Board#Resources
  32. https://www.cve.org/About/Overview
  33. https://www.cve.org/About/Overview
  34. https://www.cve.org/ResourcesSupport/AllResources/ProfessionalCodeOfConduct
  35. https://www.cve.org/ResourcesSupport/FAQs#pc_introcve_nvd_relationship
  36. https://www.cve.org/About/History
  37. https://www.cve.org/ResourcesSupport/FAQs#pc_introwho_owns_cve
  38. https://www.cve.org/ResourcesSupport/Resources
  39. https://www.cve.org/ResourcesSupport/FAQs
  40. https://www.cve.org/ResourcesSupport/Glossary
  41. https://www.cve.org/Media/News/AllNews
  42. https://www.cve.org/Media/News/AllNews
  43. https://www.cve.org/Media/News/Blogs
  44. https://www.cve.org/Media/News/Podcasts
  45. https://www.cve.org/Media/Events
  46. https://cve.mitre.org/news/archives/index.html
  47. https://cve.mitre.org/cve/data_feeds.html
  48. https://www.cve.org/Media/News/NewsletterSignup
  49. https://twitter.com/CVEnew/
  50. https://twitter.com/CVEannounce/
  51. https://medium.com/@CVE_Program
  52. https://www.linkedin.com/company/cve-program
  53. https://github.com/CVEProject
  54. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
  55. https://cve.mitre.org/cve/search_cve_list.html
  56. https://www.cve.org/Downloads
  57. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_list_basicscve_list_data_feeds
  58. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#UpdateCVERecord
  59. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#RequestCVEID
  60. https://www.cve.org/
  61. https://www.cve.org/
  62. https://www.cve.org/Media/News/item/blog/2022/10/06/CVE-Records-Are-Now-Displayed
  63. https://medium.com/@cve_program/phase-3-of-legacy-cve-download-formats-deprecation-now-underway-15c27faa4456
  64. https://www.cve.org/Media/News/item/blog/2023/03/29/CVE-Downloads-in-JSON-5-Format
  65. https://cve.mitre.org/
  66. https://cve.mitre.org/cve/
  67. https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4545
  68. https://cve.mitre.org/data/refs/index.html
  69. https://cve.mitre.org/cgi-bin/51569
  70. http://secunia.com/advisories/51569
  71. https://cve.mitre.org/cgi-bin/57065
  72. http://www.securityfocus.com/bid/57065
  73. https://cve.mitre.org/cgi-bin/DSA-2592
  74. http://www.debian.org/security/2012/dsa-2592
  75. MDVSA-2013:075
  76. RHSA-2013:0250
  77. http://rhn.redhat.com/errata/RHSA-2013-0250.html
  78. https://cve.mitre.org/cgi-bin/elinks-httpnegotiate-security-bypass(80882)
  79. https://exchange.xforce.ibmcloud.com/vulnerabilities/80882
  80. http://bugzilla.elinks.cz/show_bug.cgi?id=1124
  81. http://bugzilla.elinks.cz/show_bug.cgi?id=1124
  82. http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0c6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/http_negotiate.c
  83. http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0c6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/http_negotiate.c
  84. https://cve.mitre.org/about/faqs.html#date_record_created_in_cve_record
  85. https://cve.mitre.org/cve/
  86. https://cve.mitre.org/data/refs/index.html
  87. https://cveform.mitre.org/
  88. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4545#top
  89. https://cve.mitre.org/sitemap.html
  90. https://www.cve.org/Legal/TermsOfUse
  91. https://www.cve.org/Legal/PrivacyPolicy
  92. https://cveform.mitre.org/
  93. https://twitter.com/CVEnew/
  94. https://www.linkedin.com/company/cve-program
  95. https://github.com/CVEProject
  96. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
  97. https://medium.com/@cve_program
  98. https://cve.mitre.org/find/index.html
  99. https://cve.mitre.org/about/termsofuse.html
 100. https://www.dhs.gov/
 101. https://www.dhs.gov/cisa/cybersecurity-division/
 102. https://www.mitre.org/

   Hidden links:
 104. https://cve.mitre.org/index.html