Your submission was sent successfully! Close

CVE-2017-8816

Published: 29 November 2017

The NTLM authentication feature in curl and libcurl before 7.57.0 on 32-bit platforms allows attackers to cause a denial of service (integer overflow and resultant buffer overflow, and application crash) or possibly have unspecified other impact via vectors involving long user and password fields.

Priority

Medium

CVSS 3 base score: 9.8

Status

Package Release Status
curl
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 16.04 ESM (Xenial Xerus)
Released (7.47.0-1ubuntu2.5)
Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable
(code not present)