Mandriva Linux Security Advisory 2010-181 - The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : character in the base64-decoded string. The updated packages have been patched to correct this issue.
c602d8f54fa47e35711d72b52f0cf0b553abf275217bd0dd15d924c27cd7465cntop versions 3.3.10 and below suffer from a basic authentication null pointer denial of service vulnerability.
aad3f03488f5dcebf8a3f95a8a2dd8fd1ea219bc8c5bf2382388fed6da94eb39
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed