CVE-2005-3185 - Secunia Advisories - Vulnerability Intelligence - Secunia.com

Vulnerability Intelligence

Vulnerability Scanning

Community - new!

Blog - new entry!

Corporate Information

Secunia Advisories

Secunia Research

Binary Analysis

Home > Vulnerability Intelligence > Secunia Advisories > CVE-2005-3185

Secunia Advisories

Advisories by Product

Advisories by Vendor

Historic Advisories

Mailing Lists & RSS

Report Vulnerability

Business Solutions Restricted

Restricted

Partner Solutions Restricted

Restricted

CVE Reference: CVE-2005-3185
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2005-3185

Description: Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/22721 UBUNTU http://www.ubuntulinux.org/support/documentation/usn/usn-205-1 TRUSTIX http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html SUSE http://www.novell.com/linux/security/advisories/2005_63_wget_curl.html ST 1015056 1015057 SREASON http://securityreason.com/securityalert/82 SLACKWARE http://slackware.com/security/viewer.php?l=slackware-security&y=2005&m=slackware-security.519010 SCO SAID Secunia Advisory: SA17192 Secunia Advisory: SA17400 Secunia Advisory: SA17403 Secunia Advisory: SA17813 Secunia Advisory: SA17193 Secunia Advisory: SA17247 Secunia Advisory: SA17320 Secunia Advisory: SA17297 Secunia Advisory: SA17208 Secunia Advisory: SA17485 Secunia Advisory: SA17965 Secunia Advisory: SA19193 Secunia Advisory: SA17203 Secunia Advisory: SA17228 REDHAT http://www.redhat.com/support/errata/RHSA-2005-812.html http://www.redhat.com/support/errata/RHSA-2005-807.html OSVDB 20011 MANDRIVA http://frontal2.mandriva.com/security/advisories?name=MDKSA-2005:182 IDEFENSE http://www.idefense.com/application/poi/display?id=322&type=vulnerabilities GENTOO http://www.gentoo.org/security/en/glsa/glsa-200510-19.xml FEDORA http://www.redhat.com/archives/fedora-announce-list/2005-December/msg00020.html http://www.redhat.com/archives/fedora-announce-list/2005-October/msg00055.html DEBIAN http://www.debian.org/security/2005/dsa-919 BID 15647 15102 APPLE http://docs.info.apple.com/article.html?artnum=302847

Return to the previous page.

Contact | Terms & Conditions and Copyright | Report Vulnerability | Press | Jobs | About Secunia
Copyright Secunia 2002-2008