Zero-friction vulnerability management platform

Mageni eases for you the vulnerability scanning, assessment, and management process. It is free and open-source.

Install Now

Available for macOS, Windows, and Linux

App screenshot

Amazon Linux Local Check: ALAS-2014-353

Information

Severity

Severity

Medium

Family

Family

Amazon Linux Local Security Checks

CVSSv2 Base

CVSSv2 Base

6.4

CVSSv2 Vector

CVSSv2 Vector

AV:N/AC:L/Au:N/C:P/I:N/A:P

Solution Type

Solution Type

Vendor Patch

Created

Created

7 years ago

Modified

Modified

4 years ago

Summary

Amazon Linux Local Security Checks

Insight

Insight

Stack-based buffer overflow in the MHD_digest_auth_check function in libmicrohttpd before 0.9.32, when MHD_OPTION_CONNECTION_MEMORY_LIMIT is set to a large value, allows remote attackers to cause a denial of service (crash) or possibly execute arbitrary code via a long URI in an authentication header.The MHD_http_unescape function in libmicrohttpd before 0.9.32 might allow remote attackers to obtain sensitive information or cause a denial of service (crash) via unspecified vectors that trigger an out-of-bounds read.

Solution

Solution

Run yum update libmicrohttpd to update your system.

Common Vulnerabilities and Exposures (CVE)