---

CVE-2016-9594 - log back

CVE-2016-9594 created at 25 Sep 2019 19:31:40
Severity	+ Medium
Remote	+ Remote
Type	+ Incorrect calculation
Description	+ libcurl's (new) internal function that returns a good 32bit random value was implemented poorly and overwrote the pointer instead of writing the value into the buffer the pointer pointed to. This random value is used to generate nonces for Digest and NTLM authentication, for generating boundary strings in HTTP formposts and more. Having a weak or virtually non-existent random there makes these operations vulnerable. + This function has been introduced in 7.52.0
References	+ https://curl.haxx.se/docs/adv_20161223.html
Notes