CVE-2010-0551

Name of the Vulnerable Software and Affected Versions Geo++ GNCASTER versions 1.4.0.7 and earlier

Description The issue allows remote attackers to read authentication headers of other users via a large request with an incorrect authentication attempt, which includes sensitive memory in the response. This is better characterized as "memory disclosure" rather than a "memory leak".

Recommendations For Geo++ GNCASTER versions 1.4.0.7 and earlier, update to a version later than 1.4.0.7 to resolve the issue. As a temporary workaround, consider restricting access to sensitive authentication headers until a patch is available.