CVE-2009-2732

CVE-2009-2732 · MEDIUM Severity

AV:N/AC:L/AU:N/C:N/I:N/A:P

The checkHTTPpassword function in http.c in ntop 3.3.10 and earlier allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an Authorization HTTP header that lacks a : (colon) character in the base64-decoded string.

Learn more about our Web Application Penetration Testing UK.