Robert Swiecki reported that mod_auth_digest does not properly initialize or reset the value placeholder in [Proxy-]Authorization headers of type Digest between successive key=value assignments, leading to information disclosure or denial of service.
Continue reading...
Continue reading...