FreshPorts - VuXML

This page displays vulnerability information about FreeBSD Ports.

The VUXML data was last processed by FreshPorts on 2024-04-19 20:48:44 UTC

List all Vulnerabilities, by package

List all Vulnerabilities, by date

k68

These are the vulnerabilities relating to the commit you have selected:

VuXML IDDescription
b13414c9-50ba-11e0-975a-000c29cc39d3hiawatha -- integer overflow in Content-Length header parsing

Hugo Leisink reports:

A bug has been found in version 7.4 of the Hiawatha webserver, which could lead to a server crash. This is caused by an integer overflow in the routine that reads the HTTP request. A too large value of the Content-Length HTTP header results in an overflow.


Discovery 2011-02-25
Entry 2011-03-17
hiawatha
< 7.4_1

http://www.hiawatha-webserver.org/weblog/16
http://secunia.com/advisories/43660/
http://securityvulns.com/Zdocument902.html
http://packetstormsecurity.org/files/99021/Hiawatha-WebServer-7.4-Denial-Of-Service.html
http://seclists.org/bugtraq/2011/Mar/65
eef56761-11eb-11e1-bb94-001c140104d4hiawatha -- memory leak in PreventSQLi routine

Hugo Leisink reports via private mail to maintainer:

The memory leak was introduced in version 7.6. It is in the routing that checks for SQL injections. So, if you have set PreventSQLi to 'no', there is no problem.


Discovery 2011-11-18
Entry 2011-11-18
hiawatha
ge 7.6 lt 7.8.2

http://www.hiawatha-webserver.org/changelog