+++ This bug was initially created as a clone of Bug #170666 +++ This text was scavanged from the libcurl advisory: libcurl's NTLM function can overflow a stack-based buffer if given a too long user name or domain name. This would happen if you enable NTLM authentication and either: A - pass in a user name and domain name to libcurl that together are longer than 192 bytes B - allow (lib)curl to follow HTTP "redirects" (Location: and the appropriate HTTP 30x response code) and the new URL contains a URL with a user name and domain name that together are longer than 192 bytes -- Additional comment from bressers on 2005-10-13 13:24 EST -- Created an attachment (id=119931) Proposed patch from upstream -- Additional comment from bressers on 2005-10-13 13:25 EST -- This issue also affects RHEL2.1 and RHEL3
Ivana is PTO today, so I added the patch to RHEL4 and RHEL3. RHEL2.1 seems to be unaffected by this as the file to be patched "lib/http_ntlm.c" doesn't exist and the function Curl_output_ntlm() doesn't exist as well in all the RHEL2.1 curl sources. The RHEL4 and RHEL3 curl with patch applied is now built.
This is going to be RHSA-2005:807
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHSA-2005-807.html