Apache HTTP Server versions 2.4.0 to 2.4.46 A specially crafted Digest nonce can cause a stack overflow in mod_auth_digest. There is no report of this overflow being exploitable, nor the Apache HTTP Server team could create one, though some particular compiler and/or compilation option might make it possible, with limited consequences anyway due to the size (a single byte) and the value (zero byte) of the overflow
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Information
Published : 2021-06-10 00:15
Updated : 2021-12-01 13:32
NVD link : CVE-2020-35452
Mitre link : CVE-2020-35452
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
oracle
- instantis_enterprisetrack
- zfs_storage_appliance_kit
- enterprise_manager_ops_center
apache
- http_server
fedoraproject
- fedora
debian
- debian_linux