Paras Sethia

**Name of the Vulnerable Software and Affected Versions** cURL and libcurl versions 7.10.6 through 7.41.0 libcurl (affected versions not specified) in apple mac os x, canonical ubuntu linux, debian debian linux, hp system management homepage **Description** The issue is related to the improper re-use of NTLM connections, allowing remote attackers to connect as other users via an unauthenticated request. This is similar to a previously known issue. **Recommendations** For cURL and libcurl versions 7.10.6 through 7.41.0: update to a version that properly handles NTLM connections to prevent unauthorized access. For libcurl in apple mac os x, canonical ubuntu linux, debian debian linux, hp system management homepage: At the moment, there is no information about a newer version that contains a fix for this vulnerability.