2 matches found
CVE-2016-0778
CVE-2016-0778 affects the OpenSSH client roaming feature. The root cause is improper bounds handling in roaming_read/roaming_write in roaming_common.c, enabling a heap-based buffer overflow when certain proxy/forward options are used. This can cause a denial of service or potentially arbitrary co...
CVE-2015-3200
The CVE-2015-3200 entry concerns lighttpd mod_auth prior to 1.4.36. A remote attacker can inject log entries via a basic-auth string without a colon, demonstrated using a NULL/newline in the string. Impact is log injection; some references note potential information exposure. Remediation exists: ...