Multiple Vendor WGet/Curl NTLM Username Buffer Overflow Vulnerability

Bugtraq ID: 15102
Class: Boundary Condition Error
CVE: CVE-2005-3185
Remote: Yes
Local: No
Published: Oct 13 2005 12:00AM
Updated: May 05 2008 05:56PM
Credit: The discoverer of this vulnerability wishes to remain anonymous; this vulnerability was disclosed in the referenced iDEFENSE advisory.
Vulnerable: Ubuntu Ubuntu Linux 5.10 powerpc
Ubuntu Ubuntu Linux 5.10 i386
Ubuntu Ubuntu Linux 5.10 amd64
Ubuntu Ubuntu Linux 5.0 4 powerpc
Ubuntu Ubuntu Linux 5.0 4 i386
Ubuntu Ubuntu Linux 5.0 4 amd64
Ubuntu Ubuntu Linux 4.1 ppc
Ubuntu Ubuntu Linux 4.1 ia64
Ubuntu Ubuntu Linux 4.1 ia32
Trustix Secure Linux 3.0
Trustix Secure Linux 2.2
Trustix Secure Enterprise Linux 2.0
SuSE Linux Enterprise Server 9
Slackware Linux 10.2
Slackware Linux 10.1
Slackware Linux 10.0
Slackware Linux 9.1
Slackware Linux 9.0
Slackware Linux 8.1
Slackware Linux -current
SGI ProPack 3.0 SP6
SCO Open Server 6.0
SCO Open Server 5.0.7
SCO Open Server 5.0.6 a
SCO Open Server 5.0.6
S.u.S.E. Open-Enterprise-Server 9.0
S.u.S.E. Novell Linux Desktop 9.0
S.u.S.E. Linux Professional 10.0 OSS
S.u.S.E. Linux Professional 10.0
S.u.S.E. Linux Professional 9.3 x86_64
S.u.S.E. Linux Professional 9.3
S.u.S.E. Linux Professional 9.2 x86_64
S.u.S.E. Linux Professional 9.2
S.u.S.E. Linux Professional 9.1 x86_64
S.u.S.E. Linux Professional 9.1
S.u.S.E. Linux Personal 10.0 OSS
S.u.S.E. Linux Personal 9.3 x86_64
S.u.S.E. Linux Personal 9.3
S.u.S.E. Linux Personal 9.2 x86_64
S.u.S.E. Linux Personal 9.2
S.u.S.E. Linux Personal 9.1 x86_64
S.u.S.E. Linux Personal 9.1
Redhat Fedora Core4
Redhat Fedora Core3
Redhat Enterprise Linux WS 4
Redhat Enterprise Linux WS 3
Redhat Enterprise Linux WS 2.1 IA64
Redhat Enterprise Linux WS 2.1
Redhat Enterprise Linux ES 4
Redhat Enterprise Linux ES 3
Redhat Enterprise Linux ES 2.1 IA64
Redhat Enterprise Linux ES 2.1
Redhat Enterprise Linux AS 4
Redhat Enterprise Linux AS 3
Redhat Enterprise Linux AS 2.1 IA64
Redhat Enterprise Linux AS 2.1
Redhat Desktop 4.0
Redhat Desktop 3.0
Redhat Advanced Workstation for the Itanium Processor 2.1 IA64
Redhat Advanced Workstation for the Itanium Processor 2.1
Mandriva Linux Mandrake 2006.0 x86_64
Mandriva Linux Mandrake 2006.0
Mandriva Linux Mandrake 10.2 x86_64
Mandriva Linux Mandrake 10.2
MandrakeSoft Multi Network Firewall 2.0
MandrakeSoft Corporate Server 3.0 x86_64
MandrakeSoft Corporate Server 3.0
GNU wget 1.10.1
GNU wget 1.10
Gentoo net-misc/curl 7.14.1
Electric Sheep Electric Sheep 2.6.3
Debian Linux 3.1 sparc
Debian Linux 3.1 s/390
Debian Linux 3.1 ppc
Debian Linux 3.1 mipsel
Debian Linux 3.1 mips
Debian Linux 3.1 m68k
Debian Linux 3.1 ia-64
Debian Linux 3.1 ia-32
Debian Linux 3.1 hppa
Debian Linux 3.1 arm
Debian Linux 3.1 amd64
Debian Linux 3.1 alpha
Debian Linux 3.1
Debian Linux 3.0 sparc
Debian Linux 3.0 s/390
Debian Linux 3.0 ppc
Debian Linux 3.0 mipsel
Debian Linux 3.0 mips
Debian Linux 3.0 m68k
Debian Linux 3.0 ia-64
Debian Linux 3.0 ia-32
Debian Linux 3.0 hppa
Debian Linux 3.0 arm
Debian Linux 3.0 alpha
Debian Linux 3.0
Daniel Stenberg curl 7.14.1
Daniel Stenberg curl 7.14
Daniel Stenberg curl 7.13.2
Daniel Stenberg curl 7.13.1
Daniel Stenberg curl 7.13
Daniel Stenberg curl 7.13
Daniel Stenberg curl 7.12.3
Daniel Stenberg curl 7.12.2
Daniel Stenberg curl 7.12.1
Daniel Stenberg curl 7.12
Daniel Stenberg curl 7.11.2
Daniel Stenberg curl 7.11.1
Daniel Stenberg curl 7.11
Daniel Stenberg curl 7.10.8
Daniel Stenberg curl 7.10.7
Daniel Stenberg curl 7.10.6
Daniel Stenberg curl 7.10.5
Daniel Stenberg curl 7.10.4
Daniel Stenberg curl 7.10.3
Daniel Stenberg curl 7.10.2
Daniel Stenberg curl 7.10.1
Daniel Stenberg curl 7.10
Daniel Stenberg curl 7.9.8
Daniel Stenberg curl 7.9.7
Daniel Stenberg curl 7.9.6
Daniel Stenberg curl 7.9.5
Daniel Stenberg curl 7.9.4
Daniel Stenberg curl 7.9.3
Daniel Stenberg curl 7.9.2
Daniel Stenberg curl 7.9.1
Daniel Stenberg curl 7.9
Daniel Stenberg curl 7.8.2
+ Redhat Advanced Workstation for the Itanium Processor 2.1
+ Redhat Enterprise Linux AS 2.1 IA64
+ Redhat Enterprise Linux AS 2.1
+ Redhat Enterprise Linux ES 2.1 IA64
+ Redhat Enterprise Linux ES 2.1
+ Redhat Enterprise Linux WS 2.1 IA64
+ Redhat Enterprise Linux WS 2.1
Daniel Stenberg curl 7.8.1
Daniel Stenberg curl 7.8
Daniel Stenberg curl 7.7.3
Daniel Stenberg curl 7.7.2
Daniel Stenberg curl 7.7.1
Daniel Stenberg curl 7.7
Daniel Stenberg curl 7.6.1
Daniel Stenberg curl 7.6
Daniel Stenberg curl 7.5.2
Daniel Stenberg curl 7.5.1
Daniel Stenberg curl 7.5
Daniel Stenberg curl 7.4.2
Daniel Stenberg curl 7.4.1
Daniel Stenberg curl 7.4
Daniel Stenberg curl 7.3
Daniel Stenberg curl 7.2.1
Daniel Stenberg curl 7.2
Daniel Stenberg curl 7.1.1
Daniel Stenberg curl 7.1
Daniel Stenberg curl 6.5.2
Daniel Stenberg curl 6.5.1
Daniel Stenberg curl 6.5
Daniel Stenberg curl 6.4
Daniel Stenberg curl 6.3.1
Daniel Stenberg curl 6.3
Daniel Stenberg curl 6.2
Daniel Stenberg curl 6.1 beta
Daniel Stenberg curl 6.1
Daniel Stenberg curl 6.0
Apple Mac OS X Server 10.4.3
Apple Mac OS X Server 10.4.2
Apple Mac OS X Server 10.4.1
Apple Mac OS X Server 10.4
Apple Mac OS X 10.4.3
Apple Mac OS X 10.4.2
Apple Mac OS X 10.4.1
Apple Mac OS X 10.4
Not Vulnerable: GNU wget 1.10.2
Gentoo net-misc/curl 7.15 .0
Daniel Stenberg curl 7.15
Daniel Stenberg curl 7.13.2


 

Privacy Statement
Copyright 2010, SecurityFocus