CVE-2009-2732

2009-08-21T11:02:00
ID CVE-2009-2732
Type cve
Reporter cve@mitre.org
Modified 2018-10-10T19:42:00

Description

The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string.