This is the mail archive of the
ecos-bugs@sourceware.org
mailing list for the eCos project.
[Bug 1000376] New: ATHTTPD security Authorization parse can overrun memory
- From: bugzilla-daemon at ecoscentric dot com
- To: ecos-bugs at sources dot redhat dot com
- Date: Thu, 1 Mar 2007 10:51:08 +0000 (GMT)
- Subject: [Bug 1000376] New: ATHTTPD security Authorization parse can overrun memory
https://bugzilla.ecoscentric.com/show_bug.cgi?id=1000376
Summary: ATHTTPD security Authorization parse can overrun memory
Product: eCos
Version: 2.0
Platform: Other
OS/Version: All
Status: UNCONFIRMED
Severity: critical
Priority: normal
Component: Other
AssignedTo: jifl@ecoscentric.com
ReportedBy: bugzilla_rmvthis@ds3switch.com
QAContact: ecos-bugs@sources.redhat.com
auth.c:cyg_httpd_digest_data() doesn't check length of http response value it's parsing and can merrily overwrite all memory.
--
Configure bugmail: https://bugzilla.ecoscentric.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the QA contact for the bug, or are watching the QA contact.