bozohttpd 'snprintf()' Function Authentication Bypass Vulnerability
BID:68752
Info
bozohttpd 'snprintf()' Function Authentication Bypass Vulnerability
| Bugtraq ID: | 68752 |
| Class: | Design Error |
| CVE: |
CVE-2014-5015 |
| Remote: | Yes |
| Local: | No |
| Published: | Jul 17 2014 12:00AM |
| Updated: | Jul 17 2014 12:00AM |
| Credit: | Mateusz Kocielski |
| Vulnerable: |
NetBSD NetBSD 6.1 NetBSD NetBSD 6.0 NetBSD NetBSD 5.2 NetBSD NetBSD 5.1 bozohttpd bozohttpd 20140201 bozohttpd bozohttpd 20111118 |
| Not Vulnerable: |
bozohttpd bozohttpd 20140708 |
Discussion
bozohttpd 'snprintf()' Function Authentication Bypass Vulnerability
bozohttpd is prone to an authentication-bypass vulnerability.
An attacker can exploit these issues to bypass the authentication mechanism and gain unauthorized access to the protected files; this may aid in launching further attacks.
bozohttpd is prone to an authentication-bypass vulnerability.
An attacker can exploit these issues to bypass the authentication mechanism and gain unauthorized access to the protected files; this may aid in launching further attacks.