Lucene search
HistoryFeb 10, 2015 - 7:59 p.m.
CVE-2015-1548
cve-2015-1548
mini_httpd
remote attackers
sensitive information
process memory
http request
nvd
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.5%
mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read.
Affected configurations
Node
acmemini_httpdRange≤1.21
| CPE | Name | Operator | Version |
|---|---|---|---|
| acme:mini_httpd | acme mini httpd | le | 1.21 |
Related
nessus
nessus
FreeBSD : mini_httpd -- buffer overflow via snprintf (84dc49b0-b267-11e5-8a5b-00262d5ed8ee)
2016-01-04 00:00:00
Acme mini_httpd Protocol String Handling Memory Disclosure
2016-05-05 00:00:00
openvas
openvas
mini_httpd server Long Protocol String Information Disclosure Vulnerability
2015-02-24 00:00:00
debiancve
debiancve
CVE-2015-1548
2015-02-10 19:59:02
nvd
nvd
CVE-2015-1548
2015-02-10 19:59:02
cvelist
cvelist
CVE-2015-1548
2015-02-10 19:00:00
freebsd
freebsd
mini_httpd -- buffer overflow via snprintf
2015-02-10 00:00:00
prion
prion
Out-of-bounds
2015-02-10 19:59:00
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:N/AC:L/Au:N/C:P/I:N/A:N
6.2 Medium
AI Score
Confidence
Low
0.005 Low
EPSS
Percentile
75.5%
Related for CVE-2015-1548