htp_parse_authorization_digest in htp_parsers.c in LibHTP 0.5.26 allows remote attackers to cause a heap-based buffer over-read via an authorization digest header.
The product reads data past the end, or before the beginning, of the intended buffer.
Name | Vendor | Start Version | End Version |
---|---|---|---|
Libhtp | Oisf | 0.5.26 (including) | 0.5.26 (including) |
Htp | Ubuntu | bionic | * |
Htp | Ubuntu | cosmic | * |
Htp | Ubuntu | disco | * |
Htp | Ubuntu | eoan | * |
Htp | Ubuntu | focal | * |
Htp | Ubuntu | groovy | * |
Htp | Ubuntu | hirsute | * |
Htp | Ubuntu | impish | * |
Htp | Ubuntu | kinetic | * |
Htp | Ubuntu | lunar | * |
Htp | Ubuntu | mantic | * |
Htp | Ubuntu | oracular | * |
Htp | Ubuntu | trusty | * |
Htp | Ubuntu | xenial | * |
Libhtp | Ubuntu | bionic | * |
Libhtp | Ubuntu | cosmic | * |
Libhtp | Ubuntu | disco | * |
Libhtp | Ubuntu | eoan | * |
Libhtp | Ubuntu | focal | * |
Libhtp | Ubuntu | groovy | * |
Libhtp | Ubuntu | hirsute | * |
Libhtp | Ubuntu | impish | * |
Libhtp | Ubuntu | kinetic | * |
Libhtp | Ubuntu | lunar | * |
Libhtp | Ubuntu | mantic | * |
Libhtp | Ubuntu | oracular | * |
Libhtp | Ubuntu | trusty | * |
Libhtp | Ubuntu | xenial | * |
Suricata | Ubuntu | bionic | * |
Suricata | Ubuntu | cosmic | * |
Suricata | Ubuntu | disco | * |
Suricata | Ubuntu | eoan | * |
Suricata | Ubuntu | esm-apps/bionic | * |
Suricata | Ubuntu | esm-apps/xenial | * |
Suricata | Ubuntu | trusty | * |
Suricata | Ubuntu | upstream | * |
Suricata | Ubuntu | xenial | * |