{"id":"CURL-CVE-2005-3185","summary":"NTLM Buffer Overflow","details":"libcurl's NTLM function can overflow a stack-based buffer if given a too long\nusername or domain name. This would happen if you enable NTLM authentication\nand either:\n\n A - pass in a username and domain name to libcurl that together are longer\n     than 192 bytes\n\n B - allow (lib)curl to follow HTTP \"redirects\" (Location: and the appropriate\n     HTTP 30x response code) and the new URL contains a URL with a username\n     and domain name that together are longer than 192 bytes","aliases":["CVE-2005-3185"],"modified":"2026-05-27T02:29:17.886760Z","published":"2005-10-13T08:00:00Z","database_specific":{"URL":"https://curl.se/docs/CVE-2005-3185.json","www":"https://curl.se/docs/CVE-2005-3185.html","CWE":{"desc":"Stack-based Buffer Overflow","id":"CWE-121"},"severity":"High","last_affected":"7.14.1","package":"curl","affects":"both"},"affected":[{"ranges":[{"type":"SEMVER","events":[{"introduced":"7.10.6"},{"fixed":"7.15.0"}]},{"type":"GIT","repo":"https://github.com/curl/curl.git","events":[{"introduced":"bdb5e5a25037a585e0ec6b83d29b25961c6823f8"},{"fixed":"943aea62679fb9f2d6d7abe59b5edcba21490c52"}]}],"versions":["7.14.1","7.14.0","7.13.2","7.13.1","7.13.0","7.12.3","7.12.2","7.12.1","7.12.0","7.11.2","7.11.1","7.11.0","7.10.8","7.10.7","7.10.6","curl-7_14_1","curl-7_14_0","curl-7_13_2","curl-7_13_1","before_ftp_statemachine","curl-7_13_0","curl-7_12_3","curl-7_12_2","curl-7_12_1","curl-7_12_0","curl-7_11_2","curl-7_11_1","curl-7_11_0","curl-7_10_8","curl-7_10_7","curl-7_10_6"],"database_specific":{"source":"https://curl.se/docs/CURL-CVE-2005-3185.json","vanir_signatures_modified":"2026-05-27T02:29:17Z","vanir_signatures":[{"deprecated":false,"source":"https://github.com/curl/curl.git/commit/943aea62679fb9f2d6d7abe59b5edcba21490c52","target":{"file":"lib/http_ntlm.c"},"signature_version":"v1","signature_type":"Line","id":"CURL-CVE-2005-3185-90a25c7b","digest":{"threshold":0.9,"line_hashes":["171114046798777151270719067410152303371","290753497773825416687583203876565458288","75455037029382482363366612127796244813"]}},{"deprecated":false,"source":"https://github.com/curl/curl.git/commit/943aea62679fb9f2d6d7abe59b5edcba21490c52","target":{"function":"Curl_output_ntlm","file":"lib/http_ntlm.c"},"signature_version":"v1","signature_type":"Function","id":"CURL-CVE-2005-3185-ea12ec00","digest":{"function_hash":"238977671527874511677942108580874230893","length":6942}}]}}],"schema_version":"1.7.5","credits":[{"name":"iDEFENSE","type":"FINDER"}]}