All errata/sisyphus/ALT-PU-2014-1813-1
ALT-PU-2014-1813-1

Package update libmicrohttpd in branch sisyphus

Version0.9.36-alt1
Task#122033
Published2014-06-24
Max severityMEDIUM
Severity:

Closed issues (3)

BDU:2015-09755
MEDIUM6.4

Уязвимости операционной системы Gentoo Linux, позволяющие удаленному злоумышленнику нарушить конфиденциальность и доступность защищаемой информации

Published: 2015-04-28Modified: 2021-03-23
CVSS 2.0MEDIUM 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:P
References
CVE-2013-7038
MEDIUM6.4

The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read.

Published: 2013-12-13Modified: 2026-04-29
CVSS 2.0MEDIUM 6.4
CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:N/A:P
References
CVE-2013-7039
MEDIUM5.1

Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header.

Published: 2013-12-13Modified: 2026-04-29
CVSS 2.0MEDIUM 5.1
CVSS:2.0/AV:N/AC:H/Au:N/C:P/I:P/A:P
References