cpe:/a:curl:curl:7.13.2 cpe:/a:libcurl:libcurl:7.13.2 cpe:/a:wget:wget:1.10 CVE-2005-3185 2005-10-13T18:02:00.000-04:00 2018-10-03T17:31:44.797-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2005-10-14T11:17:00.000-04:00 ALLOWS_USER_ACCESS SECTRACK 1015056 SECTRACK 1015057 BID 15102 BID 15647 SECUNIA 17192 SECUNIA 17193 SECUNIA 17203 SECUNIA 17208 SECUNIA 17228 SECUNIA 17247 SECUNIA 17297 SECUNIA 17320 SECUNIA 17400 SECUNIA 17403 SECUNIA 17485 SECUNIA 17813 SECUNIA 17965 SECUNIA 19193 OSVDB 20011 IDEFENSE 20051013 Multiple Vendor wget/curl NTLM Username Buffer Overflow Vulnerability SREASON 82 VUPEN ADV-2005-2088 VUPEN ADV-2005-2125 VUPEN ADV-2005-2659 APPLE APPLE-SA-2005-11-29 DEBIAN DSA-919 FEDORA FEDORA-2005-1000 FEDORA FEDORA-2005-1129 GENTOO GLSA-200510-19 MANDRIVA MDKSA-2005:182 REDHAT RHSA-2005:807 REDHAT RHSA-2005:812 SCO SCOSA-2006.10 SLACKWARE SSA:2005-310-01 SUSE SUSE-SA:2005:063 TRUSTIX TSLSA-2005-0059 UBUNTU USN-205-1 XF wget-curl-ntlm-username-bo(22721) Stack-based buffer overflow in the ntlm_output function in http-ntlm.c for (1) wget 1.10, (2) curl 7.13.2, and (3) libcurl 7.13.2, and other products that use libcurl, when NTLM authentication is enabled, allows remote servers to execute arbitrary code via a long NTLM username.