HTTP: ntop Basic Authorization Denial of Service
This signature detects attempts to exploit a known vulnerability in ntop basic Authorization. This could lead to a Denial of Service condition.
Extended Description
The 'ntop' tool is prone to a denial-of-service vulnerability because of a NULL-pointer dereference that occurs when crafted HTTP Basic Authentication credentials are received by the embedded webserver. An attacker can exploit this issue to crash the affected application, denying service to legitimate users. This issue affects ntop 3.3.10; other versions may also be affected.
Affected Products
Ntop ntop
Short Name
HTTP:NTOP-BASIC-AUTHORIZATION
Severity
Minor
Recommended
False
Recommended Action
None
Category
HTTP
Keywords
Authorization Basic CVE-2009-2732 Denial Service bid:36074 ntop of
Release Date
11/12/2012
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
Port
TCP/3000
False Positive
Unknown
Vendors
Mandriva
Ntop
Luca_deri
CVSS Score
5.0