Pavuk contains several buffer overflow vulnerabilities in the code handling digest authentication and HTTP header processing. This issue is similar to GLSA 200407-19, but contains more vulnerabilities.
</p>
</description>
<impacttype="normal">
<p>
A remote attacker could cause a buffer overflow, leading to arbitrary code execution with the rights of the user running Pavuk.
</p>
</impact>
<workaround>
<p>
There is no known workaround at this time.
</p>
</workaround>
<resolution>
<p>
All Pavuk users should upgrade to the latest version: