Docs Overview
Project
Bug Bounty Bug Report Code of conduct Dependencies Donate FAQ Features Governance History Install Known Bugs Logo TODO Web Site Info
Protocols
alt-svc CA Extract HSTS HTTP cookies HTTP/2 HTTP/3 MQTT SSL certs SSL libs compared URL syntax WebSocket
Releases
Changelog Release Table Security Problems Version Nums Vulnerabilities
Tool
Comparison Table curl man page HTTP Scripting mk-ca-bundle Tutorial
Who and Why
Companies Copyright Sponsors Thanks The name
curl / Docs / Security Problems / FTP Server Response Buffer Overflow
Related:
Bug Bounty
Changelog
Donate
FAQ
Security Problems
Security Process
Vulnerabilities Table

FTP Server Response Buffer Overflow

Project curl Security Advisory, October 13th 2000 - Permalink

VULNERABILITY

When storing an FTP server's error message on failure, there was no check for input length and thus a malicious FTP server could overflow curl's stack based buffer.

INFO

The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2000-0973 to this issue.

AFFECTED VERSIONS

CREDITS

According to the original report once hosted on https://www.securityfocus.com/bid/1804/exploit/

Thanks a lot!