PT-2005-4958 · Watchfire · Watchfire Appscan
Mariano Nuez Di Croce
·
Published
2005-12-15
·
Updated
2018-10-19
·
CVE-2005-4270
CVSS v2.0
7.5
High
| Vector | AV:N/AC:L/Au:N/C:P/I:P/A:P |
Name of the Vulnerable Software and Affected Versions
Watchfire AppScan QA versions 5.0.609 through 5.0.134
Description
A buffer overflow issue allows remote web servers to execute arbitrary code via an HTTP 401 response with a WWW-Authenticate header containing a long
Realm field.Recommendations
For versions 5.0.609 through 5.0.134, update to a version that fixes this issue to prevent remote code execution.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Watchfire Appscan