curl / Docs / Security / NTLM Authentication Buffer Overflow

NTLM Authentication Buffer Overflow

NTLM Authentication Buffer Overflow

Date:February 21, 2005
IDBID 12615 CAN-2005-0490
Affected versions7.10.6 to and including 7.13.0
Not affected versions7.13.1 and later
AdvisoriesiDEFENSE's advisory

Due to bad usage of the base64 decode function to a stack-based buffer without checking the data length, it was possible for a malicious HTTP server to overflow the client during NTLM negotiation. The announcement was done without contacting us.