cURL / libcURL NTLM Authentication Buffer Overflow Vulnerability

Bugtraq ID: 12615
Class: Boundary Condition Error
CVE: CVE-2005-0490
Remote: Yes
Local: No
Published: Feb 22 2005 12:00AM
Updated: Aug 24 2006 05:54PM
Credit: Credited to infamous41md[at]hotpop.com.
Vulnerable: SuSE Linux Enterprise Server 9
SuSE Linux Desktop 1.0
SGI ProPack 3.0
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
S.u.S.E. Linux Personal 9.0 x86_64
S.u.S.E. Linux Personal 9.0
S.u.S.E. Linux Personal 8.2
S.u.S.E. Linux 8.1
S.u.S.E. Linux 8.0 i386
S.u.S.E. Linux 8.0
Mandriva Linux Mandrake 10.1 x86_64
Mandriva Linux Mandrake 10.1
Mandriva Linux Mandrake 10.0 AMD64
Mandriva Linux Mandrake 10.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
Gentoo Linux
F5 BIG-IP 4.6.2
F5 BIG-IP 4.6
F5 BIG-IP 4.5.12
F5 BIG-IP 4.5.11
F5 BIG-IP 4.5.10
F5 BIG-IP 4.5.9
F5 BIG-IP 4.5.6
F5 BIG-IP 4.5
F5 BIG-IP 4.4
F5 BIG-IP 4.3
F5 BIG-IP 4.2
F5 BIG-IP 4.0
F5 3-DNS 4.6.2
F5 3-DNS 4.6
F5 3-DNS 4.5.12
F5 3-DNS 4.5.11
F5 3-DNS 4.5
F5 3-DNS 4.4
F5 3-DNS 4.3
F5 3-DNS 4.2
Daniel Stenberg curl 7.13
Daniel Stenberg curl 7.12.3
Daniel Stenberg curl 7.12.2
Daniel Stenberg curl 7.12.1
+ Redhat Desktop 4.0
+ Redhat Enterprise Linux AS 4
+ Redhat Enterprise Linux ES 4
+ Redhat Enterprise Linux WS 4
Daniel Stenberg curl 7.12
+ S.u.S.E. Linux Personal 9.2 x86_64
+ S.u.S.E. Linux Personal 9.2
+ Ubuntu Ubuntu Linux 4.1 ppc
+ Ubuntu Ubuntu Linux 4.1 ia64
+ Ubuntu Ubuntu Linux 4.1 ia32
Daniel Stenberg curl 7.11.2
Daniel Stenberg curl 7.11.1
Daniel Stenberg curl 7.11
+ S.u.S.E. Linux Personal 9.1 x86_64
+ S.u.S.E. Linux Personal 9.1
Daniel Stenberg curl 7.10.8
Daniel Stenberg curl 7.10.7
Daniel Stenberg curl 7.10.6
+ Redhat Desktop 3.0
+ Redhat Enterprise Linux AS 3
+ Redhat Enterprise Linux ES 3
+ Redhat Enterprise Linux WS 3
Daniel Stenberg curl 7.10.5
Daniel Stenberg curl 7.10.4
Daniel Stenberg curl 7.10.3
Daniel Stenberg curl 7.10.1
Daniel Stenberg curl 7.8.2
+ Redhat Advanced Workstation for the Itanium Processor 2.1
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
Daniel Stenberg curl 7.4.1
Daniel Stenberg curl 7.4
Daniel Stenberg curl 7.3
+ Redhat PowerTools 7.0
+ Redhat PowerTools 6.2
+ Redhat PowerTools 6.1
Daniel Stenberg curl 7.2.1
Daniel Stenberg curl 7.2
Daniel Stenberg curl 7.1.1
Daniel Stenberg curl 7.1
Daniel Stenberg curl 6.5.2
Daniel Stenberg curl 6.5.1
ALT Linux ALT Linux Junior 2.3
ALT Linux ALT Linux Compact 2.3
Not Vulnerable: F5 BIG-IP 4.6.3
F5 BIG-IP 4.5.13
F5 3-DNS 4.6.3
F5 3-DNS 4.5.13
Daniel Stenberg curl 7.13.1


 

Privacy Statement
Copyright 2010, SecurityFocus