Описание
LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| libhtp | fixed | 1:0.5.46-1 | package | |
| libhtp | fixed | 1:0.5.42-1+deb12u1 | bookworm | package |
| libhtp | no-dsa | buster | package |
Примечания
https://github.com/OISF/libhtp/security/advisories/GHSA-f9wf-rrjj-qx8m
https://github.com/OISF/libhtp/commit/20ac301d801cdf01b3f021cca08a22a87f477c4a (0.5.46)
https://redmine.openinfosecfoundation.org/issues/6444
Связанные уязвимости
LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.
LibHTP is a security-aware parser for the HTTP protocol. Crafted traffic can cause excessive processing time of HTTP headers, leading to denial of service. This issue is addressed in 0.5.46.
Уязвимость библиотеки синтаксического анализа протокола HTTP LibHTP, связанная с неограниченным распределением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании