ICT & Cyber Security

[Bug 1861460] CVE-2020-12845 cherokee: NULL pointer dereference by sending an HTTP request using a malformed Authorization header

Author:



Cherokee 0.4.27 to 1.2.104 is affected by a denial of service due to a NULL pointer dereferences. A remote unauthenticated attacker can crash the server by sending an HTTP request to protected resources using a malformed Authorization header that is mishandled during a cherokee_buffer_add call….



Source link

You must be logged in to post a comment.

RELATED STORIES
vamtam-theme-circle-post
Category CERT-LatestNews Microsoft ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesMicrosoft VulnerabilitiesNetwork

Federal agency compromised leveraging compromised credentials

September 26, 2020
Federal agency compromised leveraging compromised credentials Home » Security » Federal agency compromised leveraging compromised...
Tags , , , , ,
Read More
vamtam-theme-circle-post
Category CERT-LatestNews Microsoft ThreatsCybercrime ThreatsEconomic ThreatsStrategic VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesMicrosoft VulnerabilitiesNetwork

One of this year’s most severe Windows bugs is now under active exploit

September 26, 2020
One of the highest-impact Windows vulnerabilities patched this year is now under active exploitation by...
Tags , , , , , ,
Read More
Category CERT-LatestNews Microsoft ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesMicrosoft

Unpatched Domain Controllers Remain Vulnerable to Netlogon Vulnerability, CVE-2020-1472 – Kashif Ali

September 26, 2020
Original release date: September 24, 2020 The Cybersecurity and Infrastructure Security Agency (CISA) is aware...
Tags , , , , , , , , , ,
Read More
Category Microsoft TrendMicroNews VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesMicrosoft

September 2020 – Microsoft Releases Security Patches – Threat Encyclopedia

September 26, 2020
Trend Micro Deep Security shields networks through the following Deep Packet Inspection (DPI) rules. Trend...
Tags , , , , , , ,
Read More
vamtam-theme-circle-post
Category CERT-LatestNews Hardware ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesHardware

Cyber Airmen Trained for a China-Taiwan Conflict That Unfolds Online

September 26, 2020
If China invaded Taiwan, how would it play out on the Internet and mobile devices?...
Tags , , , , , , ,
Read More
Category Applications VulnerabilitiesAll VulnerabilitiesApplications

Vulnerability CVE-2020-14024

September 26, 2020
Published: 2020-09-22 Description: Ozeki NG SMS Gateway through 4.17.6 has multiple authenticated stored and/or reflected...
Read More
vamtam-theme-circle-post
Category APPLE CERT-LatestNews ThreatsCybercrime VulnerabilitiesAll VulnerabilitiesApple VulnerabilitiesApplications VulnerabilitiesLinux VulnerabilitiesNetwork VulnerabilitiesOS

Sell Network Access through Remote Management Applications

September 26, 2020
Sell network access in remote management applications According to a group of security researchers, remote...
Tags , , , , , ,
Read More
vamtam-theme-circle-post
Category Microsoft VulnerabilitiesAll VulnerabilitiesGoogle VulnerabilitiesMicrosoft

[图]Edge稳定版85.0.564.63发布:修复诸多严重安全漏洞 – Microsoft Edge – cnBeta.COM

September 26, 2020
面向 Windows 和 macOS 平台,今天微软发布了基于 Chromium 的 Edge 稳定版 85.0.564.63,只是在 85.0.564.51 版本基础上进行小幅调整。从版本符号变化中可以说明该浏览器并没有获得任何功能,只是获得了新的安全补丁。 访问: 阿里云推出高校特惠专场:0元体验入门云计算...
Tags , , , , , , ,
Read More
Category CERT-LatestNews Malware Microsoft ThreatsCybercrime ThreatsStrategic VulnerabilitiesAll VulnerabilitiesCrypto VulnerabilitiesGoogle VulnerabilitiesMicrosoft VulnerabilitiesNetwork

Microsoft warns that hackers are exploiting a severe Windows security flaw

September 26, 2020
Homeland Security’s Cybersecurity and Infrastructure Security Agency (CISA) issued a rare emergency alert last week,...
Tags , , , , , , , ,
Read More
vamtam-theme-circle-post
Category CERT-LatestNews Microsoft SocialEngineering ThreatsActivists ThreatsCybercrime ThreatsStrategic VulnerabilitiesAll VulnerabilitiesApplications VulnerabilitiesMicrosoft

In Some Ways, Russia Has Already Hacked the 2020 Election. But Here’s How to Stop the Interference From Getting Worse.

September 25, 2020
“Ahead of the 2020 U.S. elections,” National Counterintelligence and Security Center Director William Evanina declared...
Tags , , , , , , , ,
Read More
digitpol
scale
element-support
Call Center
+31 55 8448040
element-map
Location

Global

International Cyber Crime Investigation

Digitpol is licensed by the Ministry of Justice: Licence Number POB1557

©Digitpol. All images and content are copyright of Digitpol and can not be used, replicated or reproduced without written permission. 2019.

Privacy  /   Terms and Policy   /   Site map  /   Contact