BugTraq
Name:
Email:
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Subject:
Message:
 
CVE-2017-3167: Apache httpd 2.x ap_get_basic_auth_pw authentication bypass Jun 19 2017 10:19PM
Jacob Champion (jchampion apache org)
CVE-2017-3167: ap_get_basic_auth_pw authentication bypass

Severity: Important

Vendor: The Apache Software Foundation

Versions Affected:
httpd 2.2.0 to 2.2.32
httpd 2.4.0 to 2.4.25

Description:
Use of the ap_get_basic_auth_pw() by third-party modules outside of the
authentication phase may lead t...

[ more ]  
 

Privacy Statement
Copyright 2010, SecurityFocus