Stack-based Buffer Overflow in RSA Authentication Agent for Web on IIS and Apache
CVE-2018-1232

7.5HIGH

Key Information:

Vendor: Dell
Status: Rsa Authentication Agent For Web For Iis, Rsa Authentication Agent For Web For Apache Web Server
Vendor: CVE Published:; 30 March 2018

What is CVE-2018-1232?

RSA Authentication Agent for Web versions 8.0.1 and earlier for IIS and Apache Web Server are vulnerable to a stack-based buffer overflow. This vulnerability can be triggered when processing malformed web cookies, potentially allowing an attacker to crash the authentication agent, leading to a denial-of-service condition. It is crucial for organizations using this software to assess their risk and apply security patches provided by the vendor.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

RSA Authentication Agent for Web for IIS, RSA Authentication Agent for Web for Apache Web Server version 8.0.1 and earlier

References

http://seclists.org/fulldisclosure/2018/Mar/60

mailing-listx_refsource_FULLDISC

http://www.securitytracker.com/id/1040577

vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

None

Integrity:

None

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Mar 30, 2018
Vulnerability Reserved
Dec 6, 2017

JSON

Dell

What is CVE-2018-1232?

Human OS v1.0: Ageing Is an Unpatched Zero-Day Vulnerability.

Affected Version(s)

References

CVSS V3.1

Timeline

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.