Ergebnis für URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4545 [1]CVE
[2](BUTTON) CVE List▾
[3]CVE List Search [4]Search Tips [5]CVE Request Web Form [6]Web Form Help [7]PGP
Key [8]CVE List Documents & Guidance [9]Terms of Use
[10](BUTTON) CNAs▾
[11]CVE Numbering Authorities (CNAs) [12]Participating CNAs [13]CNA Documents,
Policies & Guidance [14]CNA Rules, Version 3.0 [15]New CNA Onboarding [16]Slides
& Videos [17]How to Become a CNA
[18](BUTTON) WGs▾
[19]CVE Working Groups [20]Automation (AWG) [21]CNA Coordination (CNACWG)
[22]Outreach and Communications (OCWG) [23]CVE Quality (QWG) [24]Strategic
Planning (SPWG) [25]Tactical (TWG)
[26](BUTTON) Board▾
[27]CVE Board [28]Members [29]Email Archives [30]Meeting Archives [31]Board
Charter
[32](BUTTON) About▾
[33]About CVE [34]Professional Code of Conduct [35]CVE & NVD Relationship
[36]History [37]Sponsor [38]Documentation & Guidance [39]FAQs [40]Terminology
[41](BUTTON) News & Blog▾
[42]Latest CVE News [43]Blog [44]Podcast [45]Calendar [46]Archive [47]Follow CVE
[48]Free CVE Newsletter [49]CVEnew Twitter Feed Twitter [50]CVEannounce Twitter
Feed Twitter [51]CVE on Medium Medium [52]CVE on LinkedIn LinkedIn [53]CVEProject
on GitHub GitHub [54]CVE on YouTube YouTube
[55]Search CVE List
[56]Downloads
[57]Data Feeds
[58]Update a CVE Record
[59]Request CVE IDs
TOTAL CVE Records: [60]233151
NOTICE: Transition to the all-new CVE website at [61]WWW.CVE.ORG and [62]CVE
Record Format JSON are underway.
NOTICE: Legacy CVE download formats [63]deprecation is now underway and will end
on June 30, 2024.
New CVE List download format is [64]available now.
[65]Home > [66]CVE > CVE-2012-4545
¿
CVE-ID
CVE-2012-4545
[67]Learn more at National Vulnerability Database (NVD)
o CVSS Severity Rating o Fix Information o Vulnerable Software Versions o SCAP
Mappings o CPE Information
Description
The http_negotiate_create_context function in protocol/http/http_negotiate.c in
ELinks 0.12 before 0.12pre6, when using HTTP Negotiate or GSS-Negotiate
authentication, delegates user credentials through GSSAPI, which allows remote
servers to authenticate as the client via the delegated credentials.
References
Note: [68]References are provided for the convenience of the reader to help
distinguish between vulnerabilities. The list is not intended to be complete.
* [69]MISC:51569
* [70]URL:http://secunia.com/advisories/51569
* [71]MISC:57065
* [72]URL:http://www.securityfocus.com/bid/57065
* [73]MISC:DSA-2592
* [74]URL:http://www.debian.org/security/2012/dsa-2592
* [75]MISC:MDVSA-2013:075
* URL:[DEL: http://www.mandriva.com/security/advisories?name=MDVSA-2013:075
:DEL] (Obsolete source)
* [76]MISC:RHSA-2013:0250
* [77]URL:http://rhn.redhat.com/errata/RHSA-2013-0250.html
* [78]MISC:elinks-httpnegotiate-security-bypass(80882)
* [79]URL:https://exchange.xforce.ibmcloud.com/vulnerabilities/80882
* [80]MISC:http://bugzilla.elinks.cz/show_bug.cgi?id=1124
* [81]URL:http://bugzilla.elinks.cz/show_bug.cgi?id=1124
* [82]MISC:http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0
c6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/htt
p_negotiate.c
* [83]URL:http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0c
6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/http
_negotiate.c
Assigning CNA
Red Hat, Inc.
Date Record Created
20120821 Disclaimer: The [84]record creation date may reflect when the CVE ID was
allocated or reserved, and does not necessarily indicate when this vulnerability
was discovered, shared with the affected vendor, publicly disclosed, or updated
in CVE.
Phase (Legacy)
Assigned (20120821)
Votes (Legacy)
Comments (Legacy)
Proposed (Legacy)
N/A
This is an record on the [85]CVE List, which provides common identifiers for
publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: ____________________ Submit
You can also search by reference using the [86]CVE Reference Maps.
For More Information: [87]CVE Request Web Form (select "Other" from dropdown)
[88]Back to top
[89]Site Map | [90]Terms of Use | [91]Privacy Policy | [92]Contact Us | Follow
CVE [93]Twitter [94]LinkedIn [95]GitHub [96]YouTube [97]Medium [98]Search
CVE Website
Use of the CVE® List and the associated references from this website are subject
to the [99]terms of use. CVE is sponsored by the [100]U.S. Department of Homeland
Security (DHS) [101]Cybersecurity and Infrastructure Security Agency (CISA).
Copyright © 1999-2024, [102]The MITRE Corporation. CVE and the CVE logo are
registered trademarks of The MITRE Corporation.
References
Visible links:
1. https://cve.mitre.org/index.html
2. https://www.cve.org/
3. https://cve.mitre.org/cve/search_cve_list.html
4. https://cve.mitre.org/find/search_tips.html
5. https://cveform.mitre.org/
6. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_form
7. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_request_web_formweb_form_encrypt_requests
8. https://www.cve.org/ResourcesSupport/Resources
9. https://www.cve.org/Legal/TermsOfUse
10. https://www.cve.org/ProgramOrganization/CNAs
11. https://www.cve.org/ProgramOrganization/CNAs
12. https://www.cve.org/PartnerInformation/ListofPartners
13. https://www.cve.org/ResourcesSupport/Resources#CVENumberingAuthorities
14. https://www.cve.org/ResourcesSupport/AllResources/CNARules
15. https://www.cve.org/PartnerInformation/Partner#CNA
16. https://www.cve.org/ResourcesSupport/Resources#cnaOnboarding
17. https://www.cve.org/PartnerInformation/Partner#HowToBecomeAPartner
18. https://www.cve.org/ProgramOrganization/WorkingGroups
19. https://www.cve.org/ProgramOrganization/WorkingGroups
20. https://www.cve.org/ProgramOrganization/WorkingGroups#AutomationWorkingGroupAWG
21. https://www.cve.org/ProgramOrganization/WorkingGroups#CNACoordinationWorkingGroupCNACWG
22. https://www.cve.org/ProgramOrganization/WorkingGroups#OutreachandCommunicationsWorkingGroupOCWG
23. https://www.cve.org/ProgramOrganization/WorkingGroups#QualityWorkingGroupQWG
24. https://www.cve.org/ProgramOrganization/WorkingGroups#StrategicPlanningWorkingGroupSPWG
25. https://www.cve.org/ProgramOrganization/WorkingGroups#TacticalWorkingGroup
26. https://www.cve.org/ProgramOrganization/Board
27. https://www.cve.org/ProgramOrganization/Board
28. https://www.cve.org/ProgramOrganization/Board#Members
29. https://cve.mitre.org/community/board/archive.html#board_mail_list_archive
30. https://cve.mitre.org/community/board/archive.html#meeting_summaries
31. https://www.cve.org/ProgramOrganization/Board#Resources
32. https://www.cve.org/About/Overview
33. https://www.cve.org/About/Overview
34. https://www.cve.org/ResourcesSupport/AllResources/ProfessionalCodeOfConduct
35. https://www.cve.org/ResourcesSupport/FAQs#pc_introcve_nvd_relationship
36. https://www.cve.org/About/History
37. https://www.cve.org/ResourcesSupport/FAQs#pc_introwho_owns_cve
38. https://www.cve.org/ResourcesSupport/Resources
39. https://www.cve.org/ResourcesSupport/FAQs
40. https://www.cve.org/ResourcesSupport/Glossary
41. https://www.cve.org/Media/News/AllNews
42. https://www.cve.org/Media/News/AllNews
43. https://www.cve.org/Media/News/Blogs
44. https://www.cve.org/Media/News/Podcasts
45. https://www.cve.org/Media/Events
46. https://cve.mitre.org/news/archives/index.html
47. https://cve.mitre.org/cve/data_feeds.html
48. https://www.cve.org/Media/News/NewsletterSignup
49. https://twitter.com/CVEnew/
50. https://twitter.com/CVEannounce/
51. https://medium.com/@CVE_Program
52. https://www.linkedin.com/company/cve-program
53. https://github.com/CVEProject
54. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
55. https://cve.mitre.org/cve/search_cve_list.html
56. https://www.cve.org/Downloads
57. https://www.cve.org/ResourcesSupport/FAQs#pc_cve_list_basicscve_list_data_feeds
58. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#UpdateCVERecord
59. https://www.cve.org/ReportRequest/ReportRequestForNonCNAs#RequestCVEID
60. https://www.cve.org/
61. https://www.cve.org/
62. https://www.cve.org/Media/News/item/blog/2022/10/06/CVE-Records-Are-Now-Displayed
63. https://medium.com/@cve_program/phase-3-of-legacy-cve-download-formats-deprecation-now-underway-15c27faa4456
64. https://www.cve.org/Media/News/item/blog/2023/03/29/CVE-Downloads-in-JSON-5-Format
65. https://cve.mitre.org/
66. https://cve.mitre.org/cve/
67. https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-4545
68. https://cve.mitre.org/data/refs/index.html
69. https://cve.mitre.org/cgi-bin/51569
70. http://secunia.com/advisories/51569
71. https://cve.mitre.org/cgi-bin/57065
72. http://www.securityfocus.com/bid/57065
73. https://cve.mitre.org/cgi-bin/DSA-2592
74. http://www.debian.org/security/2012/dsa-2592
75. MDVSA-2013:075
76. RHSA-2013:0250
77. http://rhn.redhat.com/errata/RHSA-2013-0250.html
78. https://cve.mitre.org/cgi-bin/elinks-httpnegotiate-security-bypass(80882)
79. https://exchange.xforce.ibmcloud.com/vulnerabilities/80882
80. http://bugzilla.elinks.cz/show_bug.cgi?id=1124
81. http://bugzilla.elinks.cz/show_bug.cgi?id=1124
82. http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0c6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/http_negotiate.c
83. http://repo.or.cz/w/elinks.git/blobdiff/89056e21fc7ab8e1c2d4e06ec9d0c6d01e70669a..da18694ff7dd0b67dfcb3c417fb0579b1e7d02d7:/src/protocol/http/http_negotiate.c
84. https://cve.mitre.org/about/faqs.html#date_record_created_in_cve_record
85. https://cve.mitre.org/cve/
86. https://cve.mitre.org/data/refs/index.html
87. https://cveform.mitre.org/
88. https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-4545#top
89. https://cve.mitre.org/sitemap.html
90. https://www.cve.org/Legal/TermsOfUse
91. https://www.cve.org/Legal/PrivacyPolicy
92. https://cveform.mitre.org/
93. https://twitter.com/CVEnew/
94. https://www.linkedin.com/company/cve-program
95. https://github.com/CVEProject
96. https://www.youtube.com/channel/UCUHd2XFDsKH8kjMZQaSKpDQ/
97. https://medium.com/@cve_program
98. https://cve.mitre.org/find/index.html
99. https://cve.mitre.org/about/termsofuse.html
100. https://www.dhs.gov/
101. https://www.dhs.gov/cisa/cybersecurity-division/
102. https://www.mitre.org/
Hidden links:
104. https://cve.mitre.org/index.html
Usage: http://www.kk-software.de/kklynxview/get/URL
e.g. http://www.kk-software.de/kklynxview/get/http://www.kk-software.de
Errormessages are in German, sorry ;-)