CVE-2023-27371

GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...

CVE-2023-27371

Summary: CVE-2023-27371 affects GNU libmicrohttpd prior to 0.9.76. The vulnerability arises from improper parsing of multipart/form-data boundaries in postprocessor.c MHD_create_post_processor(), enabling a remote attacker to send a crafted HTTP POST containing one or more '\0' bytes in the bound...

GNU libmicrohttpd 缓冲区错误漏洞

GNU libmicrohttpd is an application from the American GNU community. Runs an HTTP server as part of another application. A security vulnerability exists in GNU libmicrohttpd versions prior to 0.9.76, which stems from improperly resolved data boundaries and can be exploited by an attacker to cause...

PT-2023-9347 · Gnu +7 · Gnu Libmicrohttpd +7

Name of the Vulnerable Software and Affected Versions: GNU libmicrohttpd versions prior to 0.9.76 Description: The issue is related to the improper parsing of a multipart/form-data boundary in the MHD create post processor method. This can be exploited by an attacker to send a malicious HTTP POST...

CVE-2023-27371

GNU libmicrohttpd before 0.9.76 allows remote DoS Denial of Service due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHDcreatepostprocessor method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a...

K47306214: GNU Libmicrohttpd vulnerability CVE-2021-3466

Security Advisory Description A flaw was found in libmicrohttpd in versions before 0.9.71. A missing bounds check in the postprocessurlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from...

SUSE CVE-2013-7039

Stack-based buffer overflow in the MHDdigestauthcheck function in libmicrohttpd before 0.9.32, when MHDOPTIONCONNECTIONMEMORYLIMIT is set to a large value, allows remote attackers to cause a denial of service crash or possibly execute arbitrary code via a long URI in an authentication header...

SUSE CVE-2013-7038

The MHDhttpunescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service crash via unspecified vectors that trigger an out-of-bounds read...

SUSE CVE-2021-3466

A flaw was found in libmicrohttpd. A missing bounds check in the postprocessurlencoded function leads to a buffer overflow, allowing a remote attacker to write arbitrary data in an application that uses libmicrohttpd. The highest threat from this vulnerability is to data confidentiality and...

new packages: libmicrohttpd

An update is available for libmicrohttpd. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list For detailed information on changes in this release, see the Rocky...

Mageia: Security Advisory (MGASA-2014-0030)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Advisory ROSA-SA-2021-1878

Software: libmicrohttpd 0.9.33 OS: Cobalt 7.9 CVE-ID: CVE-2021-3466 CVE-Crit: CRITICAL CVE-DESC: A bug was found in libmicrohttpd in versions before 0.9.71. The lack of bounds checking in the postprocessurlencoded function causes a buffer overflow, allowing a remote attacker to write arbitrary da...

[SECURITY] Fedora 34 Update: libmicrohttpd-0.9.73-1.fc34

GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: C library: fast and small API is simple, expressive and fully reentrant Implementation is http 1.1...

[SECURITY] Fedora 32 Update: libmicrohttpd-0.9.73-1.fc32

GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: C library: fast and small API is simple, expressive and fully reentrant Implementation is http 1.1...

[SECURITY] Fedora 33 Update: libmicrohttpd-0.9.73-1.fc33

GNU libmicrohttpd is a small C library that is supposed to make it easy to run an HTTP server as part of another application. Key features that distinguish libmicrohttpd from other projects are: C library: fast and small API is simple, expressive and fully reentrant Implementation is http 1.1...

Fedora: Security Advisory for libmicrohttpd (FEDORA-2021-5e10ad8c19)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for libmicrohttpd (FEDORA-2021-d4149ff7fb)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Fedora: Security Advisory for libmicrohttpd (FEDORA-2021-6d5578e756)

The remote host is missing an update for the Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SUSE: Security Advisory (SUSE-SU-2017:1576-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

GNU libmicrohttpd Buffer Overflow Vulnerability

GNU libmicrohttpd is a GNU open source application. Run the HTTP server as part of another application. A buffer overflow vulnerability exists in versions of libmicrohttpd prior to 0.9.71, which stems from the fact that a missing bounds check will result in a buffer overflow that can be exploited...