6 matches found
openSUSE Security Update : libmicrohttpd (openSUSE-2017-728)
This update for libmicrohttpd fixes the following issues : - CVE-2013-7038: The MHDhttpunescape function in libmicrohttpd might have allowed remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read. bsc854443 -...
SUSE SLES12 Security Update : libmicrohttpd (SUSE-SU-2017:1576-1)
This update for libmicrohttpd fixes the following issues : - CVE-2013-7038: The MHDhttpunescape function in libmicrohttpd might have allowed remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read. bsc854443 -...
Important: libmicrohttpd
Issue Overview: Stack-based buffer overflow in the MHDdigestauthcheck function in libmicrohttpd before 0.9.32, when MHDOPTIONCONNECTIONMEMORYLIMIT is set to a large value, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long URI in an...
Updated libmicrohttpd package fixes security vulnerabilities
The MHDhttpunescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read CVE-2013-7038. Stack-based buffer overflow in the MHDdigestauthcheck function in...
CVE-2013-7039
Stack-based buffer overflow in the MHDdigestauthcheck function in libmicrohttpd before 0.9.32, when MHDOPTIONCONNECTIONMEMORYLIMIT is set to a large value, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long URI in an authentication header...
CVE-2013-7039
CVE-2013-7039 affects libmicrohttpd up to 0.9.32, where a stack-based buffer overflow in MHD_digest_auth_check (triggered when MHD_OPTION_CONNECTION_MEMORY_LIMIT is large) can cause a crash or potentially allow remote code execution via a long URI in an authentication header. Public responses in ...