CURL-CVE-2005-3185

See a problem?
Please try reporting it to the source first.
Source
https://curl.se/docs/CVE-2005-3185.html
Import Source
https://curl.se/docs/CURL-CVE-2005-3185.json
JSON Data
https://api.osv.dev/v1/vulns/CURL-CVE-2005-3185
Aliases
Published
2005-10-13T08:00:00Z
Modified
2024-06-07T13:53:51Z
Summary
NTLM Buffer Overflow
Details

libcurl's NTLM function can overflow a stack-based buffer if given a too long username or domain name. This would happen if you enable NTLM authentication and either:

A - pass in a username and domain name to libcurl that together are longer than 192 bytes

B - allow (lib)curl to follow HTTP "redirects" (Location: and the appropriate HTTP 30x response code) and the new URL contains a URL with a username and domain name that together are longer than 192 bytes

Database specific 
{
    "package": "curl",
    "severity": "High",
    "www": "https://curl.se/docs/CVE-2005-3185.html",
    "last_affected": "7.14.1",
    "affects": "both",
    "CWE": {
        "id": "CWE-121",
        "desc": "Stack-based Buffer Overflow"
    },
    "URL": "https://curl.se/docs/CVE-2005-3185.json"
}
References
Credits
    • iDEFENSE - FINDER

Affected packages

Git / github.com/curl/curl.git

Affected ranges

Type
SEMVER
Events
Introduced
7.10.6
Fixed
7.15.0
Type
GIT
Repo
https://github.com/curl/curl.git
Events
Introduced
bdb5e5a25037a585e0ec6b83d29b25961c6823f8
Fixed
943aea62679fb9f2d6d7abe59b5edcba21490c52

Affected versions

7.*

7.10.6
7.10.7
7.10.8
7.11.0
7.11.1
7.11.2
7.12.0
7.12.1
7.12.2
7.12.3
7.13.0
7.13.1
7.13.2
7.14.0
7.14.1