CVE-2000-0973

curl <6.0-1.1 - Buffer Overflow

Title source: llm

Description

Buffer overflow in curl earlier than 6.0-1.1, and curl-ssl earlier than 6.0-1.2, allows remote attackers to execute arbitrary commands by forcing a long error message to be generated.

Exploits (2)

exploitdb WORKING POC VERIFIED

by zillion · perlremotelinux

https://www.exploit-db.com/exploits/20293

View Code ZIP pw:eip

exploitdb WORKING POC VERIFIED

by zillion · perlremotefreebsd

https://www.exploit-db.com/exploits/20292

View Code ZIP pw:eip

References (4)

[Various Sources] ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-00:72.curl.asc

[Exploit, Patch, Vendor Advisory] http://www.securityfocus.com/bid/1804

[Third Party Advisory, VDB Entry] https://exchange.xforce.ibmcloud.com/vulnerabilities/5374

[Third Party Advisory] http://archives.neohapsis.com/archives/bugtraq/2000-10/0331.html

Scores

EPSS 0.1223

EPSS Percentile 93.9%

Details

Status published

Products (14)

daniel_stenberg/curl 6.0

daniel_stenberg/curl 6.1

daniel_stenberg/curl 6.1beta

daniel_stenberg/curl 6.3

daniel_stenberg/curl 6.4

daniel_stenberg/curl 6.5

daniel_stenberg/curl 6.5.1

daniel_stenberg/curl 6.5.2

daniel_stenberg/curl 7.1

daniel_stenberg/curl 7.1.1

... and 4 more

Published Dec 19, 2000

Tracked Since Feb 18, 2026