Vulnerability Description
Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Curl | Curl | 7.13.2 |
| Libcurl | Libcurl | 7.13.2 |
| Wget | Wget | 1.10 |
Related Weaknesses (CWE)
References
- ftp://ftp.sco.com/pub/updates/OpenServer/SCOSA-2006.10/SCOSA-2006.10.txt
- http://docs.info.apple.com/article.html?artnum=302847
- http://lists.trustix.org/pipermail/tsl-announce/2005-October/000354.html
- http://secunia.com/advisories/17192Vendor Advisory
- http://secunia.com/advisories/17193Vendor Advisory
- http://secunia.com/advisories/17203Vendor Advisory
- http://secunia.com/advisories/17208Vendor Advisory
- http://secunia.com/advisories/17228Vendor Advisory
- http://secunia.com/advisories/17247Vendor Advisory
- http://secunia.com/advisories/17297Vendor Advisory
- http://secunia.com/advisories/17320Vendor Advisory
- http://secunia.com/advisories/17400Vendor Advisory
- http://secunia.com/advisories/17403Vendor Advisory
- http://secunia.com/advisories/17485Vendor Advisory
- http://secunia.com/advisories/17813Vendor Advisory
FAQ
What is CVE-2005-3185?
CVE-2005-3185 is a vulnerability with a CVSS score of 7.5 (HIGH). Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enab...
How severe is CVE-2005-3185?
CVE-2005-3185 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2005-3185?
Check the references section above for vendor advisories and patch information. Affected products include: Curl Curl, Libcurl Libcurl, Wget Wget.