3 matches found
Fedora: Security Advisory (FEDORA-2024-d638b9a34c)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2024-23771
Consolidated data for CVE-2024-23771 shows that darkhttpd (C code http server) before version 1.15 uses strcmp to verify authentication, enabling timing-side-channel bypass of authentication. Multiple feeds (NVD, OSV, Fedora advisories) confirm the issue across affected releases and indicate the ...
CVE-2024-23771
darkhttpd before 1.15 uses strcmp which is not constant time to verify authentication, which makes it easier for remote attackers to bypass authentication via a timing side channel...