PT-2005-1545 · Curl+1

Infamous41Md · Published 2005-02-21 · Updated 2024-02-02 · CVE-2005-0490

CVSS v3.1: 8.8 (High)

Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Name of the Vulnerable Software and Affected Versions

cURL versions 7.12.1 and possibly other versions

Description

The issue arises from multiple stack-based buffer overflows in libcURL and cURL that allow remote malicious web servers to execute arbitrary code. The overflows occur when a base64-encoded reply decodes to more data than the destination buffer was sized for, a case the decoding code does not handle properly. The problem is seen in two areas: (1) the Curl_input_ntlm function during NTLM authentication and (2) the Curl_krb_kauth and krb4_auth functions during Kerberos authentication. The vulnerability can be exploited by a malicious HTTP server during NTLM negotiation and by an FTP server during krb4 negotiation.

Recommendations

For cURL version 7.12.1 and possibly other affected versions, consider disabling the Curl_input_ntlm function and the Curl_krb_kauth and krb4_auth functions until a patch is available, to prevent exploitation during NTLM and Kerberos authentication. Restrict access to the affected authentication modules to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Stack Overflow

Weakness Enumeration

Related Identifiers

CVE-2005-0490
RHSA-2005:340
RHSA-2005_340

Affected Products

Red Hat
Curl