Back to search
CVE-2019-17502
Published: Oct 12, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
Hydra through 0.1.8 has a NULL pointer dereference and daemon crash when processing POST requests that lack a Content-Length header. read.c, request.c, and util.c contribute to this. The process_header_end() function calls boa_atoi(), which ultimately calls atoi() on a NULL pointer.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://hydra.hellug.gr
x_refsource_MISC
https://gist.github.com/fxb6476/0b9883a88ff2ca40de46a8469834e16c
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now