EUVD-2019-7855

Malware in sbrugna...

Null pointer dereference

Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests that lack a Content-Length header. read.c, request.c, and util.c contribute to this. The processheaderend function calls boaatoi, which ultimately calls atoi on a NULL pointer...

CVE-2013-7402

The CVE-2013-7402 issue affects c-icap 0.2.x in the request.c component, with multiple unspecified vulnerabilities that allow remote attackers to trigger a denial of service (crash) via a crafted ICAP request. Several external advisories (e.g., Mandriva MDVSA-2015:001 and Mageia MGASA-2014-0530) ...

CVE-2013-7402

Multiple unspecified vulnerabilities in request.c in c-icap 0.2.x allow remote attackers to cause a denial of service crash via a crafted ICAP request...

Medium: lighttpd

Issue Overview: The httprequestsplitvalue function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service infinite loop via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header. Affected Packages:...

CVE-2012-5533

The httprequestsplitvalue function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service infinite loop via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header...