CVE-2013-0249

Exp

Stack-based buffer overflow in the Curl_sasl_create_digest_md5_message function in lib/curl_sasl.c in curl and libcurl 7.26.0 through 7.28.1, when negotiating SASL DIGEST-MD5 authentication, allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long string in the realm parameter in a (1) POP3, (2) SMTP or (3) IMAP message.

Published: 2013-03-08 Last update: 2026-04-29 Assigner: [email protected] Source: [email protected]

NVD Status：Modified，CVE State: published

View at NVD, CVE.org, EUVD

Threat Intelligence & Risk Assessment for CVE-2013-0249

EPSS CVSS CWE Exploit-DB Affected OS Tracker

Conclusion & alert: CVE-2013-0249 is rated High Exploit Risk (74.1/100): CVSS High severity, with high exploitation likelihood (EPSS 44.20%, 97th percentile). Core evidence: 2 public exploit reference(s) are indexed (Exploit-DB). Mandatory action: Public exploits are available—assess exposure, apply mitigations, and prioritize patching.

Risk is dynamic; we continuously reassess and refresh what is shown on this page as upstream context changes.

Public exploit references (Exploit-DB) for CVE-2013-0249

EDB-ID	Source	Kind	Published	Link
24487	exploit_db	edb	2013-02-11	Exploit-DB ↗
—	nvd_ref	exploit_tag		Exploit-DB ↗

Exploit prediction scoring system (EPSS) score for CVE-2013-0249

EPSS lead: Daily EPSS estimates relative likelihood of exploitation; percentile ranks this CVE among scored vulnerabilities (higher = more severe relative rank).

#	Date	Old EPSS score	New EPSS score	Delta (New - Old)
1	2025-12-07	51.16%	44.20%	-6.95%
2	2025-10-19	38.79%	51.16%	+12.36%
3	2025-05-04	—	38.79%	—

Full EPSS history (11 records total)

Common vulnerability scoring system (CVSS) metrics for CVE-2013-0249

CVSS metrics for this CVE.

Base score	Version	Severity	Vector	Exploitability	Impact	Score source
7.5	2.0	HIGH	`AV:N/AC:L/Au:N/C:P/I:P/A:P` Click to expand Access vector (AV:N) Can be exploited remotely over network reachability. Access complexity (AC:L) Exploitation conditions are straightforward and predictable. Authentication (AU:N) No authentication is required. Confidentiality impact (C:P) Partial confidentiality impact. Integrity impact (I:P) Partial integrity impact. Availability impact (A:P) Partial availability impact.	10.0	6.4	[email protected]

Weakness enumeration for CVE-2013-0249

CWE-119 MITRE ↗

OS Trackers for CVE-2013-0249

vendor	priority	summary	link
`debian`	not yet assigned	CVE-2013-0249 not yet assigned priority: Debian including 1 source packages (curl), 5 status rows across 5 suites (bookworm, bullseye, forky, sid, trixie): resolved 5.	https://security-tracker.debian.org/tracker/CVE-2013-0249
`gentoo`	normal	CVE-2013-0249: 1 GLSA(s) (201401-14), 1 atom(s) (net-misc/curl); latest impact normal.	https://bugs.gentoo.org/buglist.cgi?quicksearch=CVE-2013-0249
`redhat`	medium	—	https://access.redhat.com/security/cve/CVE-2013-0249
`suse`	high	CVE-2013-0249 severity important: SUSE including 50 source package names (curl-7.37.0-15.1, curl-7.37.0-2.5, …), 73 product×package rows across 27 product lines (SUSE Linux Enterprise Desktop 12, SUSE Linux Enterprise Desktop 12 SP1, … (27 product lines)): Fixed 73.	https://www.suse.com/security/cve/CVE-2013-0249/
`ubuntu`	medium	CVE-2013-0249 medium priority: Ubuntu including 1 source packages (curl), 6 status rows across 6 suites (hardy, lucid, oneiric, precise, quantal, upstream): not-affected 4, released 2.	https://ubuntu.com/security/CVE-2013-0249

Affected software / configurations for CVE-2013-0249

Vendor	Product	Version	Raw CPE
haxx	curl	7.26.0	cpe:2.3:a:haxx:curl:7.26.0:::::::*
haxx	curl	7.27.0	cpe:2.3:a:haxx:curl:7.27.0:::::::*
haxx	curl	7.28.0	cpe:2.3:a:haxx:curl:7.28.0:::::::*
haxx	curl	7.28.1	cpe:2.3:a:haxx:curl:7.28.1:::::::*
haxx	libcurl	7.26.0	cpe:2.3:a:haxx:libcurl:7.26.0:::::::*
haxx	libcurl	7.27.0	cpe:2.3:a:haxx:libcurl:7.27.0:::::::*
haxx	libcurl	7.28.0	cpe:2.3:a:haxx:libcurl:7.28.0:::::::*
haxx	libcurl	7.28.1	cpe:2.3:a:haxx:libcurl:7.28.1:::::::*
canonical	ubuntu_linux	12.10	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*

References for CVE-2013-0249

URL	Tags
http://blog.volema.com/curl-rce.html
http://curl.haxx.se/docs/adv_20130206.html	Vendor Advisory
http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
http://lists.fedoraproject.org/pipermail/package-announce/2013-February/099140.html
http://nakedsecurity.sophos.com/2013/02/10/anatomy-of-a-vulnerability-curl-web-download-toolkit-holed-by-authentication-bug/
http://packetstormsecurity.com/files/120147/cURL-Buffer-Overflow.html
http://packetstormsecurity.com/files/120170/Slackware-Security-Advisory-curl-Updates.html
http://www.exploit-db.com/exploits/24487	Exploit
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
http://www.osvdb.org/89988
http://www.securityfocus.com/bid/57842
http://www.securitytracker.com/id/1028093
http://www.ubuntu.com/usn/USN-1721-1	Vendor Advisory

cvelogic Threat Intelligence