CVE

Id
11696  
CVE No.
CVE-2005-0490  
Status
Candidate  
Description
Multiple stack-based buffer overflows in libcURL and cURL 7.12.1, and possibly other versions, allow remote malicious web servers to execute arbitrary code via base64 encoded replies that exceed the intended buffer lengths when decoded, which is not properly handled by (1) the Curl_input_ntlm function in http_ntlm.c during NTLM authentication or (2) the Curl_krb_kauth and krb4_auth functions in krb4.c during Kerberos authentication.  
Phase
Assigned (20050221)  
Votes
None (candidate not yet proposed)  
Comments
 

Actions

Related CVE References

Id CVE Id CVE No. Reference Actions
83769 11696 CVE-2005-0490 IDEFENSE:20050221 Multiple Unix/Linux Vendor cURL/libcURL NTLM Authentication Buffer Overflow Vulnerability  View
83770 11696 CVE-2005-0490 URL:http://www.idefense.com/application/poi/display?id=202&type=vulnerabilities  View
83771 11696 CVE-2005-0490 IDEFENSE:20050221 Multiple Unix/Linux Vendor cURL/libcURL Kerberos Authentication Buffer Overflow Vulnerability  View
83772 11696 CVE-2005-0490 URL:http://www.idefense.com/application/poi/display?id=203&type=vulnerabilities  View
83773 11696 CVE-2005-0490 CONECTIVA:CLA-2005:940  View
83774 11696 CVE-2005-0490 URL:http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000940  View
83775 11696 CVE-2005-0490 GENTOO:GLSA-200503-20  View
83776 11696 CVE-2005-0490 URL:http://www.gentoo.org/security/en/glsa/glsa-200503-20.xml  View
83777 11696 CVE-2005-0490 MANDRAKE:MDKSA-2005:048  View
83778 11696 CVE-2005-0490 URL:http://www.mandriva.com/security/advisories?name=MDKSA-2005:048  View
83779 11696 CVE-2005-0490 FULLDISC:20050228 [USN-86-1] cURL vulnerability  View
83780 11696 CVE-2005-0490 URL:http://marc.info/?l=full-disclosure&m=110959085507755&w=2  View
83781 11696 CVE-2005-0490 REDHAT:RHSA-2005:340  View
83782 11696 CVE-2005-0490 URL:http://www.redhat.com/support/errata/RHSA-2005-340.html  View
83783 11696 CVE-2005-0490 SUSE:SUSE-SA:2005:011  View
83784 11696 CVE-2005-0490 URL:http://www.novell.com/linux/security/advisories/2005_11_curl.html  View
83785 11696 CVE-2005-0490 BID:12615  View
83786 11696 CVE-2005-0490 URL:http://www.securityfocus.com/bid/12615  View
83787 11696 CVE-2005-0490 BID:12616  View
83788 11696 CVE-2005-0490 URL:http://www.securityfocus.com/bid/12616  View
83789 11696 CVE-2005-0490 OVAL:oval:org.mitre.oval:def:10273  View
83790 11696 CVE-2005-0490 URL:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:10273  View
83791 11696 CVE-2005-0490 XF:curl-kerberos-bo(19423)  View

Related JVN