Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-1548

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2015-1548
Last Modified 11 Feb 2015 02:32:14
Published 10 Feb 2015 02:59:02
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-1548

Summary

mini_httpd 1.21 and earlier allows remote attackers to obtain sensitive information from process memory via an HTTP request with a long protocol string, which triggers an incorrect response size calculation and an out-of-bounds read.

Vulnerable Systems

Application

  • Acme Mini Httpd 1.21


References

MISC - http://itinsight.hu/en/posts/articles/2015-01-23-mini-httpd/


Last Updated: 27 May 2016 11:07:46