cURL - FTP Server Response Buffer Overflow
Date: October 13, 2000
ID: BID 1804, CVE-2000-0973
Affected versions: 6.0 (and possibly earlier) to and including 7.4
Not affected versions: 7.4.1 and later

When storing an FTP server's error message on failure, curl did not check the input length, so a malicious FTP server could overflow curl's stack-based buffer. SecurityFocus lists two exploits.
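
The missing length check described above, as an added C example (not curl's source code): an unchecked copy of the server's reply beside a bounded one that truncates and reports it. The function names and the 256-byte buffer size are assumptions for illustration; the advisory does not give them.

```c
#include <stdio.h>
#include <string.h>

#define ERRBUF_SIZE 256  /* assumed size; the advisory does not state curl's */

/* Unsafe pattern the advisory describes: the server-controlled reply is
 * copied into a fixed-size buffer with no length check. Shown for contrast
 * only; it is never called in this example. */
void store_error_unchecked(char *errbuf, const char *reply)
{
    strcpy(errbuf, reply);            /* writes past errbuf if reply is long */
}

/* Hardened form: copy at most errlen-1 bytes, always NUL-terminate, and
 * report truncation so the caller can log that the reply was oversized.
 * Returns 0 if the reply fit, 1 if truncated, -1 on bad arguments. */
int store_error_bounded(char *errbuf, size_t errlen, const char *reply)
{
    size_t n;
    if (!errbuf || !reply || errlen == 0)
        return -1;
    n = strlen(reply);
    while (n > 0 && (reply[n - 1] == '\r' || reply[n - 1] == '\n'))
        n--;                          /* drop the reply line's trailing CRLF */
    if (n >= errlen) {
        memcpy(errbuf, reply, errlen - 1);
        errbuf[errlen - 1] = '\0';
        return 1;
    }
    memcpy(errbuf, reply, n);
    errbuf[n] = '\0';
    return 0;
}

int main(void)
{
    char errbuf[ERRBUF_SIZE];
    char oversized[1024];             /* constructed oversized server reply */
    int rc;
    memset(oversized, 'A', sizeof(oversized) - 1);
    oversized[sizeof(oversized) - 1] = '\0';
    rc = store_error_bounded(errbuf, sizeof(errbuf), "550 No such file\r\n");
    printf("rc=%d msg=\"%s\"\n", rc, errbuf);
    rc = store_error_bounded(errbuf, sizeof(errbuf), oversized);
    printf("rc=%d stored=%zu bytes\n", rc, strlen(errbuf));
    return 0;
}
```

A return value of 1 is worth logging on the client side, since a legitimate FTP error reply rarely exceeds the buffer.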