Package: mini-httpd
Version: 1.23-1.2
Severity: important
Tags: patch
The mini-httpd daemon (version <= v1.30) is affected by a response discrepancy
information exposure (CWE-204) that allows a remote attacker to enumerate valid
htpasswd usernames (RFC 7617).
Detailed advisory can be found at:
ht
goto error;
}
--
2.1.4
~~~
Affected versions
=
Debian: https://packages.debian.org/jessie/minissdpd
minissdpd version 1.2.20130907-3
Ubuntu: https://launchpad.net/ubuntu/+source/minissdpd
minissdpd version 1.2.20130907-3
History
===
2016/03/04 - Vendo
2 matches
Mail list logo