FTP Server Response Buffer Overflow
Project curl Security Advisory, October 13th 2000 - Permalink
VULNERABILITY
When storing an FTP server's error message on failure, there was no check for input length and thus a malicious FTP server could overflow curl's stack based buffer.
INFO
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2000-0973 to this issue.
AFFECTED VERSIONS
- Affected versions: curl 6.0 to and including curl 7.4
- Not affected versions: curl < 6.0 and curl >= 7.4.1
CREDITS
- Reported-by: zillion
According to the original report once hosted on https://www.securityfocus.com/bid/1804/exploit/
Thanks a lot!