PublicDate: 2005-10-13 22:02:00 UTC
Candidate: CVE-2005-3185
References:
 https://ubuntu.com/security/notices/USN-205-1
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3185
Description:
 Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for
 (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products
 that use libcurl, when NTLM authentication is enabled, allows remote
 servers to execute arbitrary code via a long NTLM username.
Ubuntu-Description:
Notes:
Priority: untriaged
Discovered-by:
Assigned-to:
CVSS:

Bugs:
dapper_wget: not-affected
edgy_wget: not-affected
feisty_wget: not-affected
dapper_curl: released (7.15.1-1ubuntu2.1)
edgy_curl: released (7.15.4-1ubuntu2.2)
feisty_curl: released (7.15.5-1ubuntu2.1)
devel_curl: released (7.16.4-2ubuntu1)
upstream_curl: needs-triage
upstream_wget: needs-triage