Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
apache http server |
||
debian debian linux 9.0 |
||
debian debian linux 10.0 |
||
fedoraproject fedora 34 |
||
fedoraproject fedora 35 |
||
oracle instantis enterprisetrack 17.1 |
||
oracle instantis enterprisetrack 17.2 |
||
oracle instantis enterprisetrack 17.3 |
||
oracle enterprise manager ops center 12.4.0.0 |
||
oracle zfs storage appliance kit 8.8 |