Published: 13/10/2005 Updated: 03/10/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 668

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.

Vulnerable Product	Search on Vulmon	Subscribe to Product
libcurl libcurl 7.13.2
wget wget 1.10
curl curl 7.13.2

A buffer overflow has been found in the NTLM authentication handler of the Curl library and wget By tricking an user or automatic system that uses the Curl library, the curl application, or wget into visiting a specially-crafted web site, a remote attacker could exploit this to execute arbitrary code with the privileges of the calling user ...

Synopsis curl security update Type/Severity Security Advisory: Moderate Topic Updated curl packages that fix a security issue are now availableThis update has been rated as having moderate security impact by the RedHat Security Response Team Description cURL is a tool for getting files fr ...

Synopsis wget security update Type/Severity Security Advisory: Important Topic Updated wget packages that fix a security issue are now availableThis update has been rated as having important security impact by the RedHat Security Response Team Description GNU Wget is a file retrieval util ...

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2005-3185

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect