Lucene search
RedHatRHSA-2005:807HistoryNov 02, 2005 - 12:00 a.m.
(RHSA-2005:807) curl security update
2005-11-0200:00:00
access.redhat.com
11
0.023 Low
EPSS
Percentile
89.7%
cURL is a tool for getting files from FTP, HTTP, Gopher, Telnet, and Dict
servers, using any of the supported protocols.
A stack based buffer overflow bug was found in cURL’s NTLM authentication
module. It is possible to execute arbitrary code on a user’s machine if
the user can be tricked into connecting to a malicious web server using
NTLM authentication. The Common Vulnerabilities and Exposures project
has assigned the name CVE-2005-3185 to this issue.
All users of curl are advised to upgrade to these updated packages, which
contain a backported patch that resolve this issue.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | any | s390 | curl | < 7.12.1-6.rhel4 | curl-7.12.1-6.rhel4.s390.rpm |
| RedHat | any | x86_64 | curl-devel | < 7.12.1-6.rhel4 | curl-devel-7.12.1-6.rhel4.x86_64.rpm |
| RedHat | any | ppc64 | curl | < 7.12.1-6.rhel4 | curl-7.12.1-6.rhel4.ppc64.rpm |
| RedHat | any | s390 | curl-devel | < 7.12.1-6.rhel4 | curl-devel-7.12.1-6.rhel4.s390.rpm |
| RedHat | any | x86_64 | curl | < 7.12.1-6.rhel4 | curl-7.12.1-6.rhel4.x86_64.rpm |
| RedHat | any | ia64 | curl-devel | < 7.12.1-6.rhel4 | curl-devel-7.12.1-6.rhel4.ia64.rpm |
| RedHat | any | ia64 | curl | < 7.12.1-6.rhel4 | curl-7.12.1-6.rhel4.ia64.rpm |
| RedHat | any | s390x | curl | < 7.12.1-6.rhel4 | curl-7.12.1-6.rhel4.s390x.rpm |
| RedHat | any | i386 | curl-devel | < 7.12.1-6.rhel4 | curl-devel-7.12.1-6.rhel4.i386.rpm |
| RedHat | any | src | curl | < 7.12.1-6.rhel4 | curl-7.12.1-6.rhel4.src.rpm |
Related
nessus
nessus
GLSA-200510-19 : cURL: NTLM username stack overflow
2005-10-24 00:00:00
CentOS 3 / 4 : curl (CESA-2005:807)
2006-07-03 00:00:00
Fedora Core 3 : curl-7.12.3-4.fc3 (2005-1000)
2005-10-19 00:00:00
centos
centos
openssl096b, wget security update
2005-11-02 17:10:22
wget security update
2005-11-03 05:22:50
wget security update
2005-11-02 17:08:39
slackware
slackware
curl/wget
2005-11-06 13:02:36
openvas
openvas
Slackware: Security Advisory (SSA:2005-310-01)
2012-09-10 00:00:00
SLES9: Security update for curl
2009-10-10 00:00:00
SLES9: Security update for curl
2009-10-10 00:00:00
cve
cve
CVE-2005-3185
2005-10-13 22:02:00
ubuntu
ubuntu
Curl and wget vulnerabilities
2005-10-14 00:00:00
securityvulns
securityvulns
redhat
redhat
(RHSA-2005:812) wget security update
2005-11-02 00:00:00
gentoo
gentoo
cURL: NTLM username stack overflow
2005-10-22 00:00:00
ubuntucve
ubuntucve
CVE-2005-3185
2005-10-13 00:00:00
cvelist
cvelist
CVE-2005-3185
2005-10-13 04:00:00
nvd
nvd
CVE-2005-3185
2005-10-13 22:02:00
debiancve
debiancve
CVE-2005-3185
2005-10-13 22:02:00
debian
debian
[SECURITY] [DSA 919-1] New curl packages fix potential security problem
2005-12-12 13:03:48
[SECURITY] [DSA 919-1] New curl packages fix potential security problem
2005-12-12 13:03:48
osv
osv
curl - buffer overflow
2005-12-12 00:00:00