CVE-2005-3185
Published: 13 October 2005
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
Priority
Status
Package | Release | Status |
---|---|---|
curl Launchpad, Ubuntu, Debian |
dapper |
Released
(7.15.1-1ubuntu2.1)
|
edgy |
Released
(7.15.4-1ubuntu2.2)
|
|
feisty |
Released
(7.15.5-1ubuntu2.1)
|
|
upstream |
Needs triage
|
|
wget Launchpad, Ubuntu, Debian |
dapper |
Not vulnerable
|
edgy |
Not vulnerable
|
|
feisty |
Not vulnerable
|
|
upstream |
Needs triage
|