206 matches found
Security fix for the ALT Linux 10 package libmicrohttpd version 0.9.76-alt1
0.9.76-alt1 built April 6, 2023 Alexander Danilov in task 317701 March 29, 2023 Sergey Bolshakov - 0.9.76 released fixes: CVE-2023-27371...
Debian: Security Advisory (DLA-3374-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian dla-3374 : libmicrohttpd-dev - security update
The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3374 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3374-1 [email protected] https://www.debian.org/lts/security/...
[SECURITY] [DLA 3374-1] libmicrohttpd security update
------------------------------------------------------------------------- Debian LTS Advisory DLA-3374-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz March 30, 2023 https://wiki.debian.org/LTS -...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : libmicrohttpd (SUSE-SU-2023:1686-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:1686-1 advisory. - GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a...
SUSE-SU-2023:1686-1 Security update for libmicrohttpd
This update for libmicrohttpd fixes the following issues: - CVE-2023-27371: Fixed a parser bug that could be used to crash servers using the MHDPostProcessor bsc1208745...
Mageia: Security Advisory (MGASA-2023-0114)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2023-0114 Updated libmicrohttpd packages fix security vulnerability
In the MHDPostProcessor, malformed inputs can be used to crash the server for denial-of-service...
Updated libmicrohttpd packages fix security vulnerability
In the MHDPostProcessor, malformed inputs can be used to crash the server for denial-of-service...
OESA-2023-1171 libmicrohttpd security update
Development files for libmicrohttpd Security Fixes: GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST...
GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field which - assuming a specific heap layout - will result in an out-of-bounds read and a crash in the find_boundary() function.
...
SUSE CVE-2023-27371
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...
CVE-2023-27371
An out-of-bounds flaw was found in GNU's libmicrohttpd due to improper parsing of a multipart/form-data boundary in the MHDcreatepostprocessor method in postprocessor.c. This flaw allows an attacker to remotely send a malicious HTTP POST packet that includes one or more ‘\0’ bytes in a...
CVE-2023-27371
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...
AZL-25347 CVE-2023-27371 affecting package libmicrohttpd for versions less than 0.9.76-1
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...
CVE-2023-27371
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...
DEBIAN-CVE-2023-27371
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...
Out-of-bounds
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...
CVE-2023-27371
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...
CVE-2023-27371
GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...