Debian Linux Security Advisory 4286-1 - Zhaoyang Wu discovered that cURL, an URL transfer library, contains a buffer overflow in the NTLM authentication code triggered by passwords that exceed 2GB in length on 32bit systems.
bbcf61aaad1ed97d1ae1784f4ceeac29a2930166d62674c6c527d9a84a30d1db