The annual curl user survey is up. Please donate a few minutes and answer some questions!
curl / Docs / Security Problems / FTP Server Response Buffer Overflow

FTP Server Response Buffer Overflow

Project curl Security Advisory, October 13th 2000 - Permalink

VULNERABILITY

When storing an FTP server's error message on failure, there was no check for input length and thus a malicious FTP server could overflow curl's stack based buffer.

securityfocus lists two exploits

INFO

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2000-0973 to this issue.

AFFECTED VERSIONS