ID CVE-2007-1869
Summary lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.
References
Vulnerable Configurations
  • lighttpd 1.4.12
    cpe:2.3:a:lighttpd:lighttpd:1.4.12
  • lighttpd 1.4.13
    cpe:2.3:a:lighttpd:lighttpd:1.4.13
CVSS
Base: 5.0 (as of 18-04-2007 - 10:16)
Impact:
Exploitability:
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
nessus via4
  • NASL family FreeBSD Local Security Checks
    NASL id FREEBSD_PKG_D2B48D30EA9711DBA802000FEA2763CE.NASL
    description Lighttpd SA : If the connection aborts during parsing '\r\n\r\n' the server might get into a infinite loop and use 100% of the CPU time. lighttpd still responses to other requests. This can be repeated until either the server limit for concurrent connections or file descriptors is reached. The bug was reported and fixed by Robert Jakabosky.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25052
    published 2007-04-19
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25052
    title FreeBSD : lighttpd -- Remote DOS in CRLF parsing (d2b48d30-ea97-11db-a802-000fea2763ce)
  • NASL family Debian Local Security Checks
    NASL id DEBIAN_DSA-1303.NASL
    description Two problems were discovered with lighttpd, a fast webserver with minimal memory footprint, which could allow denial of service. The Common Vulnerabilities and Exposures project identifies the following problems : - CVE-2007-1869 Remote attackers could cause denial of service by disconnecting partway through making a request. - CVE-2007-1870 A NULL pointer dereference could cause a crash when serving files with a mtime of 0.
    last seen 2019-02-21
    modified 2018-11-10
    plugin id 25465
    published 2007-06-12
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25465
    title Debian DSA-1303-1 : lighttpd - denial of service
  • NASL family SuSE Local Security Checks
    NASL id SUSE_LIGHTTPD-3090.NASL
    description Two remotely exploitable DoS vulnerabilities in lighttpd can be used to crash lighttpd or make it waste CPU time in an enless loop (CVE-2007-1869, CVE-2007-1870).
    last seen 2019-02-21
    modified 2018-07-19
    plugin id 27339
    published 2007-10-17
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=27339
    title openSUSE 10 Security Update : lighttpd (lighttpd-3090)
  • NASL family Gentoo Local Security Checks
    NASL id GENTOO_GLSA-200705-07.NASL
    description The remote host is affected by the vulnerability described in GLSA-200705-07 (Lighttpd: Two Denials of Service) Robert Jakabosky discovered an infinite loop triggered by a connection abort when Lighttpd processes carriage return and line feed sequences. Marcus Rueckert discovered a NULL pointer dereference when a server running Lighttpd tries to access a file with a mtime of 0. Impact : A remote attacker could upload a specially crafted file to the server or send a specially crafted request and then abort the connection, possibly resulting in a crash or a Denial of Service by CPU consumption. Workaround : There is no known workaround at this time.
    last seen 2019-02-21
    modified 2018-07-11
    plugin id 25184
    published 2007-05-10
    reporter Tenable
    source https://www.tenable.com/plugins/index.php?view=single&id=25184
    title GLSA-200705-07 : Lighttpd: Two Denials of Service
refmap via4
bid 23515
bugtraq 20070420 FLEA-2007-0011-1: lighttpd
confirm
debian DSA-1303
gentoo GLSA-200705-07
secunia
  • 24886
  • 24947
  • 24995
  • 25166
  • 25613
suse SUSE-SR:2007:007
vupen ADV-2007-1399
xf lighttpd-rnrn-dos(33671)
Last major update 07-03-2011 - 21:53
Published 17-04-2007 - 23:19
Last modified 16-10-2018 - 12:41
Back to Top