CVE-2005-3185

EPSS 4.9%

curl - buffer overflow

發布日:2005/10/13修改日:2026/4/28

也稱為:DEBIAN-CVE-2005-3185

描述

Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.

受影響套件(3)

Debian/curlfrom 0, < 7.15.0-1
Debian/curlfrom 0, < 7.9.5-1woody2
Debian/wgetfrom 0, < 1.10.2-1

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2005-3185