Paketname
ntop
Datum
2010-09-14
Advisory ID
MDVSA-2010:181
Betroffene Versionen
CS4.0 x86_64 , CS4.0 i586

Problembeschreibung

A vulnerability has been found and corrected in ntop:

The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier
allows remote attackers to cause a denial of service (NULL pointer
dereference and daemon crash) via an Authorization HTTP header
that lacks a : (colon) character in the base64-decoded string
(CVE-2009-2732).

The updated packages have been patched to correct this issue.

Aktualisierte Pakete

CS4.0 x86_64

 9b190aa56bff79dbfc5fb919184c1b28  corporate/4.0/x86_64/ntop-3.2-10.1.20060mlcs4.x86_64.rpm 
 cc851391181fd2ee2e663c1db5e284ae  corporate/4.0/SRPMS/ntop-3.2-10.1.20060mlcs4.src.rpm

CS4.0 i586

 ac2ba5221f518d975f33ff3225145ac9  corporate/4.0/i586/ntop-3.2-10.1.20060mlcs4.i586.rpm 
 cc851391181fd2ee2e663c1db5e284ae  corporate/4.0/SRPMS/ntop-3.2-10.1.20060mlcs4.src.rpm

Referenzen