CVSS: 5.9 | EPSS: 0% | CPEs: 1 | EXPL: 1

GNU libmicrohttpd before 0.9.76 allows remote DoS (Denial of Service) due to improper parsing of a multipart/form-data boundary in the postprocessor.c MHD_create_post_processor() method. This allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which, assuming a specific heap layout, will result in an out-of-bounds read and a crash in the find_boundary() function.

An out-of-bounds flaw was found in GNU's libmicrohttpd due to improper parsing of a multipart/form-data boundary in the MHD_create_post_processor() method in postprocessor.c. This flaw allows an attacker to remotely send a malicious HTTP POST packet that includes one or more '\0' bytes in a multipart/form-data boundary field, which, assuming a specific heap layout, will result in an out-of-bounds read and a crash in the find_boundary() function, causing a denial of service.

• https://git.gnunet.org/libmicrohttpd.git/commit/?id=6d6846e20bfdf4b3eb1b592c97520a532f724238
• https://github.com/0xhebi/CVEs/tree/main/GNU%20Libmicrohttpd
• https://lists.debian.org/debian-lts-announce/2023/03/msg00029.html
• https://lists.gnu.org/archive/html/libmicrohttpd/2023-02/msg00000.html
• https://access.redhat.com/security/cve/CVE-2023-27371
• https://bugzilla.redhat.com/show_bug.cgi?id=2174313

CWE-125: Out-of-bounds Read

CVSS: 6.4 | EPSS: 2% | CPEs: 16 | EXPL: 0

The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read.

• http://secunia.com/advisories/55903
• http://security.gentoo.org/glsa/glsa-201402-01.xml
• http://www.openwall.com/lists/oss-security/2013/12/09/11
• http://www.securityfocus.com/bid/64138
• https://bugs.gentoo.org/show_bug.cgi?id=493450
• https://bugzilla.redhat.com/show_bug.cgi?id=1039384
• https://gnunet.org/svn/libmicrohttpd/ChangeLog

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer

CVSS: 5.1 | EPSS: 3% | CPEs: 16 | EXPL: 0

Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header.

• http://secunia.com/advisories/55903
• http://security.gentoo.org/glsa/glsa-201402-01.xml
• http://www.openwall.com/lists/oss-security/2013/12/09/11
• http://www.securityfocus.com/bid/64138
• https://bugs.gentoo.org/show_bug.cgi?id=493450
• https://bugzilla.redhat.com/show_bug.cgi?id=1039390
• https://gnunet.org/svn/libmicrohttpd/ChangeLog

CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer