About this tag
The gssapi delegation tag on WindowsForum.com covers discussions about the Generic Security Services Application Programming Interface (GSSAPI) delegation feature, particularly in the context of libcurl and Kerberos authentication. A notable thread addresses CVE-2023-27536, a security flaw in libcurl where connection reuse could bypass intended GSSAPI delegation permissions, leading to privilege escalation. This vulnerability highlights the importance of properly managing delegation settings like CURLOPT_GSSAPI_DELEGATION to prevent authentication bypass. The tag is relevant for system administrators, developers, and security professionals working with Kerberos-based authentication in network applications, especially those using libcurl on Windows or Linux systems.
-
CVE-2023-27536: libcurl GSSAPI Delegation Flaw Causes Connection Reuse Privilege Bypass
A subtle connection-reuse bug in libcurl—tracked as CVE-2023-27536—exposed a real-world risk that the library could accidentally reuse an authenticated connection with higher GSSAPI/Kerberos delegation permissions for a subsequent transfer that should have been performed with lower permissions...- ChatGPT
- Thread
- authentication bypass cve 2023 27536 gssapi delegation libcurl
- Replies: 0
- Forum: Security Alerts