CURL-CVE-2017-8816 NTLM buffer overflow via integer overflow

libcurl contains a buffer overrun flaw in the NTLM authentication code. The internal function Curlntlmcoremkntlmv2hash sums up the lengths of the username + password = SUM and multiplies the sum by two = SIZE to figure out how large storage to allocate from the heap. The SUM value is subsequently...

DEBIAN-CVE-2016-0755

The ConnectionExists function in lib/url.c in libcurl before 7.47.0 does not properly re-use NTLM-authenticated proxy connections, which might allow remote attackers to authenticate as other users via a request, a similar issue to CVE-2014-0015...

CURL-CVE-2015-3143 Reusing authenticated connection when unauthenticated

libcurl keeps a pool of its last few connections around after use to facilitate easy, convenient and completely transparent connection reuse for applications. When doing HTTP requests NTLM authenticated, the entire connection becomes authenticated and not only the specific HTTP request which is...

CURL-CVE-2005-3185 NTLM Buffer Overflow

libcurl's NTLM function can overflow a stack-based buffer if given a too long username or domain name. This would happen if you enable NTLM authentication and either: A - pass in a username and domain name to libcurl that together are longer than 192 bytes B - allow libcurl to follow HTTP...