2 matches found
UBUNTU-CVE-2018-16839
Curl versions 7.33.0 through 7.61.1 are vulnerable to a buffer overrun in the SASL authentication code that may lead to denial of service...
cURL (libcurl) NTLM Authentication Code Buffer Overrun Vulnerability
curl before version 7.61.1 is vulnerable to a buffer overrun in the NTLM authentication code. The internal function Curlntlmcoremknthash multiplies the length of the password by two SUM to figure out how large temporary storage area to allocate from the heap. The length value is then subsequently...