Gentoo Linux Security Advisory GLSA 200807-02 - Nico Golde reported an off-by-one error within the read_client() function in the webhttpd.c file, leading to a stack-based buffer overflow. Stefan Cornelius (Secunia Research) reported a boundary error within the same function, also leading to a stack-based buffer overflow. Both vulnerabilities require that the HTTP Control interface is enabled. Versions less than 3.2.10.1 are affected.
cb96d39c259f5beef4cf0b942d4d3b919bd65e832e5ee8a5a20a5d724bd4320b