CVE-2020-35452
mod_auth_digest possible stack overflow by one nul byte
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
Apache HTTP Server versiones 2.4.0 a 2.4.46 Un Digest nonce especialmente diseñado puede causar un desbordamiento de pila en la función mod_auth_digest. No existe reportes de que este desbordamiento sea explotable, ni el equipo del Servidor HTTP Apache podría crear uno, aunque algún compilador y/o opción de compilación particular podría hacerlo posible, con consecuencias limitadas de todos modos debido al tamaño (un solo byte) y el valor (cero bytes) del desbordamiento
A flaw was found in Apache httpd. The mod_auth_digest has a single zero byte stack overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2020-12-14 CVE Reserved
- 2021-06-10 CVE Published
- 2024-08-04 CVE Updated
- 2024-08-11 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
- CWE-787: Out-of-bounds Write
CAPEC
References (14)
URL | Date | SRC |
---|
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Apache Search vendor "Apache" | Http Server Search vendor "Apache" for product "Http Server" | >= 2.4.0 <= 2.4.46 Search vendor "Apache" for product "Http Server" and version " >= 2.4.0 <= 2.4.46" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 9.0 Search vendor "Debian" for product "Debian Linux" and version "9.0" | - |
Affected
| ||||||
Debian Search vendor "Debian" | Debian Linux Search vendor "Debian" for product "Debian Linux" | 10.0 Search vendor "Debian" for product "Debian Linux" and version "10.0" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 34 Search vendor "Fedoraproject" for product "Fedora" and version "34" | - |
Affected
| ||||||
Fedoraproject Search vendor "Fedoraproject" | Fedora Search vendor "Fedoraproject" for product "Fedora" | 35 Search vendor "Fedoraproject" for product "Fedora" and version "35" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Enterprise Manager Ops Center Search vendor "Oracle" for product "Enterprise Manager Ops Center" | 12.4.0.0 Search vendor "Oracle" for product "Enterprise Manager Ops Center" and version "12.4.0.0" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Instantis Enterprisetrack Search vendor "Oracle" for product "Instantis Enterprisetrack" | 17.1 Search vendor "Oracle" for product "Instantis Enterprisetrack" and version "17.1" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Instantis Enterprisetrack Search vendor "Oracle" for product "Instantis Enterprisetrack" | 17.2 Search vendor "Oracle" for product "Instantis Enterprisetrack" and version "17.2" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Instantis Enterprisetrack Search vendor "Oracle" for product "Instantis Enterprisetrack" | 17.3 Search vendor "Oracle" for product "Instantis Enterprisetrack" and version "17.3" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Zfs Storage Appliance Kit Search vendor "Oracle" for product "Zfs Storage Appliance Kit" | 8.8 Search vendor "Oracle" for product "Zfs Storage Appliance Kit" and version "8.8" | - |
Affected
|