4 matches found
SUSE CVE-2019-3822
libcurl versions from 7.36.0 to before 7.64.0 are vulnerable to a stack-based buffer overflow. The function creating an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message, generates the request HTTP header contents based on previously received data. The check that exists ...
curl: NTLMv2 type-3 header stack buffer overflow
A stack-based buffer overflow was found in the way curl handled NTLMv2 type-3 headers. When connecting to a remote malicious server which uses NTLM authentication, the flaw could cause curl to crash...
Remote Code Execution (RCE)
libcurl.so is vulnerable to remote code execution RCE. An improper bounds check in the function that creates an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message results in a stack-based buffer overflow when a very large nt response data is extracted from a previous NTLM...
CURL-CVE-2019-3822 NTLMv2 type-3 header stack buffer overflow
libcurl contains a stack based buffer overflow vulnerability. The function creating an outgoing NTLM type-3 header lib/vauth/ntlm.c:Curlauthcreatentlmtype3message, generates the request HTTP header contents based on previously received data. The check that exists to prevent the local buffer from...