CVE-2018-21027
https://notcve.org/view.php?id=CVE-2018-21027
Boa through 0.94.14rc21 allows remote attackers to trigger an out-of-memory (OOM) condition because malloc is mishandled. Boa versiones hasta 0.94.14rc21, permite a atacantes remotos desencadenar una condición fuera de la memoria (OOM) porque malloc es manejada inapropiadamente. • https://github.com/gpg/boa/pull/1 https://github.com/gpg/boa/pull/1/commits/e139b87835994d007fbd64eead6c1455d7b8cf4e • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2017-9833 – BOA Web Server 0.94.14rc21 - Arbitrary File Access
https://notcve.org/view.php?id=CVE-2017-9833
/cgi-bin/wapopen in Boa 0.94.14rc21 allows the injection of "../.." using the FILECAMERA variable (sent by GET) to read files with root privileges. NOTE: multiple third parties report that this is a system-integrator issue (e.g., a vulnerability on one type of camera) because Boa does not include any wapopen program or any code to read a FILECAMERA variable. /cgi-bin/wapopen in BOA Webserver 0.94.14rc21 permite la inyección de "../.." usando la variable FILECAMERA (enviada por GET) para leer archivos con privilegios root. BOA Web Server version 0.94.14rc21 an arbitrary file access vulnerability. • https://www.exploit-db.com/exploits/42290 https://github.com/anldori/CVE-2017-9833 https://pastebin.com/raw/rt7LJvyF • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2016-9564
https://notcve.org/view.php?id=CVE-2016-9564
Buffer overflow in send_redirect() in Boa Webserver 0.92r allows remote attackers to DoS via an HTTP GET request requesting a long URI with only '/' and '.' characters. Desbordamiento de búfer en send_redirect() en Boa Webserver 0.92r permite a atacantes remotos hacer DoS a través de una petición GET HTTP solicitando un URI largo con solo caracteres '/' y '.'. • http://www.ljcusack.io/cve-2016-9564-stack-based-buffer-overflow-in-boa-0-dot-92r http://www.securityfocus.com/bid/94599 • CWE-20: Improper Input Validation •