CVE-2005-3185
EPSS 4.9%curl - buffer overflow
Published: 10/13/2005Modified: 4/28/2026
Description
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
Affected packages (3)
- Debian/curlfrom 0, < 7.15.0-1
- Debian/curlfrom 0, < 7.9.5-1woody2
- Debian/wgetfrom 0, < 1.10.2-1