RSA Authentication Agent version 8.0.1 and earlier for Web for both IIS and Apache Web Server are impacted by a stack-based buffer overflow which may occur when handling certain malicious web cookies that have invalid formats. The attacker could exploit this vulnerability to crash the authentication agent and cause a denial-of-service situation.
References
Link | Resource |
---|---|
http://seclists.org/fulldisclosure/2018/Mar/60 | Mailing List Third Party Advisory |
http://www.securitytracker.com/id/1040577 | Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: dell
Published: 2018-03-26T00:00:00
Updated: 2018-03-31T09:57:01
Reserved: 2017-12-06T00:00:00
Link: CVE-2018-1232
JSON object: View
NVD Information
Status : Analyzed
Published: 2018-03-30T21:29:01.700
Modified: 2020-08-24T17:37:01.140
Link: CVE-2018-1232
JSON object: View
Redhat Information
No data.
CWE