Bug#916190: mini-httpd (<= v1.30) is affected by a response discrepancy information exposure (CWE-204)

Package: mini-httpd Version: 1.23-1.2 Severity: important Tags: patch The mini-httpd daemon (version <= v1.30) is affected by a response discrepancy information exposure (CWE-204) that allows a remote attacker to enumerate valid htpasswd usernames (RFC 7617). Detailed advisory can be found at: ht

Bug#816759: minissdpd: The minissdpd daemon is affected by an improper validation of array index vulnerability

goto error; } -- 2.1.4 ~~~ Affected versions = Debian: https://packages.debian.org/jessie/minissdpd minissdpd version 1.2.20130907-3 Ubuntu: https://launchpad.net/ubuntu/+source/minissdpd minissdpd version 1.2.20130907-3 History === 2016/03/04 - Vendo