Short Name |
HTTP:NTOP-BASIC-AUTHORIZATION |
---|---|
Severity |
Minor |
Recommended |
No |
Category |
HTTP |
Keywords |
ntop Basic Authorization Denial of Service |
Release Date |
2012/11/11 |
Update Number |
2202 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in ntop basic Authorization. This could lead to a Denial of Service condition.
The 'ntop' tool is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when crafted HTTP Basic Authentication credentials are received by the embedded webserver. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. This issue affects ntop 3.3.10; other versions may also be affected.