A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.
References
Link | Resource |
---|---|
http://www.nazgul.ch/dev/nostromo_cl.txt | Release Notes Third Party Advisory |
https://git.sp0re.sh/sp0re/Nhttpd-exploits | Exploit Third Party Advisory |
https://sp0re.sh | Not Applicable |
Configurations
History
No history.
Information
Published : 2019-10-14 17:15
Updated : 2023-12-10 13:13
NVD link : CVE-2019-16279
Mitre link : CVE-2019-16279
CVE.ORG link : CVE-2019-16279
JSON object : View
Products Affected
nazgul
- nostromo_nhttpd
CWE
CWE-22
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')