Vulnerabilities related to lighttpd - lighttpd
cve-2013-1427
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://osvdb.org/91462 | vdb-entry, x_refsource_OSVDB | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/82897 | vdb-entry, x_refsource_XF | |
http://www.securityfocus.com/bid/58528 | vdb-entry, x_refsource_BID | |
http://www.debian.org/security/2013/dsa-2649 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T15:04:48.266Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "91462", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/91462", }, { name: "lighttpd-cve20131427-symlink(82897)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82897", }, { name: "58528", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/58528", }, { name: "DSA-2649", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2013/dsa-2649", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-03-15T00:00:00", descriptions: [ { lang: "en", value: "The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", shortName: "debian", }, references: [ { name: "91462", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/91462", }, { name: "lighttpd-cve20131427-symlink(82897)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82897", }, { name: "58528", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/58528", }, { name: "DSA-2649", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: 
"http://www.debian.org/security/2013/dsa-2649", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "security@debian.org", ID: "CVE-2013-1427", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "91462", refsource: "OSVDB", url: "http://osvdb.org/91462", }, { name: "lighttpd-cve20131427-symlink(82897)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82897", }, { name: "58528", refsource: "BID", url: "http://www.securityfocus.com/bid/58528", }, { name: "DSA-2649", refsource: "DEBIAN", url: "http://www.debian.org/security/2013/dsa-2649", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "79363d38-fa19-49d1-9214-5f28da3f3ac5", assignerShortName: "debian", cveId: "CVE-2013-1427", datePublished: "2013-03-21T17:00:00", dateReserved: "2013-01-26T00:00:00", dateUpdated: "2024-08-06T15:04:48.266Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4559
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/55682 | third-party-advisory, x_refsource_SECUNIA | |
http://marc.info/?l=bugtraq&m=141576815022399&w=2 | vendor-advisory, x_refsource_HP | |
http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html | vendor-advisory, x_refsource_SUSE | |
https://www.debian.org/security/2013/dsa-2795 | vendor-advisory, x_refsource_DEBIAN | |
http://www.openwall.com/lists/oss-security/2013/11/12/4 | mailing-list, x_refsource_MLIST | |
https://kc.mcafee.com/corporate/index?page=content&id=SB10310 | x_refsource_CONFIRM | |
http://jvn.jp/en/jp/JVN37417423/index.html | third-party-advisory, x_refsource_JVN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:14.842Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "55682", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/55682", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt", }, { name: "openSUSE-SU-2014:0072", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { name: "DSA-2795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { name: "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-11-12T00:00:00", descriptions: [ { lang: "en", value: "lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the 
user process limit is reached.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-19T04:06:13", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "55682", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/55682", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt", }, { name: "openSUSE-SU-2014:0072", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { name: "DSA-2795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { name: "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4559", datePublished: "2013-11-19T19:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:45:14.842Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-3950
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T14:37:05.373Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "2909", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/2909", }, { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26158", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26130", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/1882", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1263", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: 
"http://secunia.com/advisories/26505", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-07-17T00:00:00", descriptions: [ { lang: "en", value: "lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "2909", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/2909", }, { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26158", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26130", }, { tags: [ "x_refsource_MISC", ], url: "http://trac.lighttpd.net/trac/changeset/1882", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], 
url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1263", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26505", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-3950", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "2909", refsource: "SREASON", url: "http://securityreason.com/securityalert/2909", }, { name: "26158", refsource: "SECUNIA", url: "http://secunia.com/advisories/26158", }, { name: "ADV-2007-2585", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", refsource: "SECUNIA", url: "http://secunia.com/advisories/26130", }, { name: "http://trac.lighttpd.net/trac/changeset/1882", refsource: "MISC", url: "http://trac.lighttpd.net/trac/changeset/1882", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", refsource: "BID", url: "http://www.securityfocus.com/bid/24967", }, { 
name: "26593", refsource: "SECUNIA", url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", refsource: "DEBIAN", url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "http://trac.lighttpd.net/trac/ticket/1263", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1263", }, { name: "SUSE-SR:2007:015", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", refsource: "SECUNIA", url: "http://secunia.com/advisories/26505", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-3950", datePublished: "2007-07-24T00:00:00", dateReserved: "2007-07-23T00:00:00", dateUpdated: "2024-08-07T14:37:05.373Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-0983
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T08:01:40.227Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "ADV-2008-0659", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/0659/references", }, { name: "29268", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29268", }, { name: "29066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29066", }, { name: "29622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29622", }, { name: "SUSE-SR:2008:008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "29209", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29209", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2284", }, { name: "FEDORA-2008-2262", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { name: "GLSA-200803-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { name: "20080228 rPSA-2008-0084-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/488926/100/0/threaded", }, { name: "DSA-1609", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1609", }, { name: "29166", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29166", }, { tags: [ 
"x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0084", }, { name: "FEDORA-2008-2278", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { name: "27943", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/27943", }, { name: "31104", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31104", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1562", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-02-21T00:00:00", descriptions: [ { lang: "en", value: "lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "ADV-2008-0659", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/0659/references", }, { name: "29268", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29268", }, { name: "29066", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29066", }, { name: "29622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29622", }, { name: "SUSE-SR:2008:008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "29209", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29209", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-2284", }, { name: "FEDORA-2008-2262", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { name: "GLSA-200803-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { name: "20080228 rPSA-2008-0084-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/488926/100/0/threaded", }, { name: "DSA-1609", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1609", }, { name: "29166", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29166", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0084", }, { name: "FEDORA-2008-2278", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { name: "27943", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/27943", }, { name: "31104", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31104", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1562", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-0983", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: 
[ { lang: "eng", value: "lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "ADV-2008-0659", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0659/references", }, { name: "29268", refsource: "SECUNIA", url: "http://secunia.com/advisories/29268", }, { name: "29066", refsource: "SECUNIA", url: "http://secunia.com/advisories/29066", }, { name: "29622", refsource: "SECUNIA", url: "http://secunia.com/advisories/29622", }, { name: "SUSE-SR:2008:008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "29209", refsource: "SECUNIA", url: "http://secunia.com/advisories/29209", }, { name: "https://issues.rpath.com/browse/RPL-2284", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-2284", }, { name: "FEDORA-2008-2262", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { name: "GLSA-200803-10", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { name: "20080228 rPSA-2008-0084-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/488926/100/0/threaded", }, { name: "DSA-1609", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1609", }, { name: "29166", refsource: "SECUNIA", url: "http://secunia.com/advisories/29166", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2008-0084", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0084", }, { name: "FEDORA-2008-2278", refsource: "FEDORA", url: 
"https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { name: "27943", refsource: "BID", url: "http://www.securityfocus.com/bid/27943", }, { name: "31104", refsource: "SECUNIA", url: "http://secunia.com/advisories/31104", }, { name: "http://trac.lighttpd.net/trac/ticket/1562", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1562", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-0983", datePublished: "2008-02-26T18:00:00", dateReserved: "2008-02-26T00:00:00", dateUpdated: "2024-08-07T08:01:40.227Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-19052
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1 | x_refsource_MISC | |
http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html | vendor-advisory, x_refsource_SUSE | |
https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html | mailing-list, x_refsource_MLIST |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T11:30:04.022Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1", }, { name: "openSUSE-SU-2019:2347", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html", }, { name: "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2018-11-06T00:00:00", descriptions: [ { lang: "en", value: "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. 
There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-18T20:06:17", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1", }, { name: "openSUSE-SU-2019:2347", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html", }, { name: "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2018-19052", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. 
There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1", refsource: "MISC", url: "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1", }, { name: "openSUSE-SU-2019:2347", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html", }, { name: "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update", refsource: "MLIST", url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2018-19052", datePublished: "2018-11-07T05:00:00", dateReserved: "2018-11-06T00:00:00", dateUpdated: "2024-08-05T11:30:04.022Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4508
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt | x_refsource_CONFIRM | |
http://openwall.com/lists/oss-security/2013/11/04/19 | mailing-list, x_refsource_MLIST | |
http://marc.info/?l=bugtraq&m=141576815022399&w=2 | vendor-advisory, x_refsource_HP | |
http://redmine.lighttpd.net/issues/2525 | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html | vendor-advisory, x_refsource_SUSE | |
https://www.debian.org/security/2013/dsa-2795 | vendor-advisory, x_refsource_DEBIAN | |
http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2913/diff/ | x_refsource_CONFIRM | |
http://jvn.jp/en/jp/JVN37417423/index.html | third-party-advisory, x_refsource_JVN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:15.220Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt", }, { name: "[oss-security] 20131104 Re: CVE Request: lighttpd using vulnerable cipher suites with SNI", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2013/11/04/19", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://redmine.lighttpd.net/issues/2525", }, { name: "openSUSE-SU-2014:0072", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { name: "DSA-2795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2913/diff/", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-11-04T00:00:00", descriptions: [ { lang: "en", value: "lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { 
dateUpdated: "2021-02-19T04:06:11", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt", }, { name: "[oss-security] 20131104 Re: CVE Request: lighttpd using vulnerable cipher suites with SNI", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2013/11/04/19", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://redmine.lighttpd.net/issues/2525", }, { name: "openSUSE-SU-2014:0072", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { name: "DSA-2795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2913/diff/", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4508", datePublished: "2013-11-08T02:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:45:15.220Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-0814
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://www.securityfocus.com/archive/1/426446/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://trac.lighttpd.net/trac/changeset/1005 | x_refsource_CONFIRM | |
http://www.osvdb.org/23542 | vdb-entry, x_refsource_OSVDB | |
http://secunia.com/advisories/18886 | third-party-advisory, x_refsource_SECUNIA | |
http://www.vupen.com/english/advisories/2006/0782 | vdb-entry, x_refsource_VUPEN | |
http://securityreason.com/securityalert/523 | third-party-advisory, x_refsource_SREASON | |
http://www.securityfocus.com/bid/16893 | vdb-entry, x_refsource_BID | |
http://secunia.com/secunia_research/2006-9/advisory/ | x_refsource_MISC | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/24976 | vdb-entry, x_refsource_XF | |
http://securitytracker.com/id?1015703 | vdb-entry, x_refsource_SECTRACK |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:48:56.456Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "20060301 Secunia Research: Lighttpd Script Source Disclosure Vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/426446/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/1005", }, { name: "23542", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/23542", }, { name: "18886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18886", }, { name: "ADV-2006-0782", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/0782", }, { name: "523", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/523", }, { name: "16893", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/16893", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://secunia.com/secunia_research/2006-9/advisory/", }, { name: "lighttpd-source-code-disclosure(24976)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24976", }, { name: "1015703", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://securitytracker.com/id?1015703", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-03-01T00:00:00", descriptions: [ { lang: "en", value: "response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain 
trailing (1) \".\" (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-18T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "20060301 Secunia Research: Lighttpd Script Source Disclosure Vulnerability", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/426446/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/1005", }, { name: "23542", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/23542", }, { name: "18886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18886", }, { name: "ADV-2006-0782", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/0782", }, { name: "523", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/523", }, { name: "16893", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/16893", }, { tags: [ "x_refsource_MISC", ], url: "http://secunia.com/secunia_research/2006-9/advisory/", }, { name: "lighttpd-source-code-disclosure(24976)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24976", }, { name: "1015703", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://securitytracker.com/id?1015703", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0814", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { 
description_data: [ { lang: "eng", value: "response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) \".\" (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "20060301 Secunia Research: Lighttpd Script Source Disclosure Vulnerability", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/426446/100/0/threaded", }, { name: "http://trac.lighttpd.net/trac/changeset/1005", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/1005", }, { name: "23542", refsource: "OSVDB", url: "http://www.osvdb.org/23542", }, { name: "18886", refsource: "SECUNIA", url: "http://secunia.com/advisories/18886", }, { name: "ADV-2006-0782", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/0782", }, { name: "523", refsource: "SREASON", url: "http://securityreason.com/securityalert/523", }, { name: "16893", refsource: "BID", url: "http://www.securityfocus.com/bid/16893", }, { name: "http://secunia.com/secunia_research/2006-9/advisory/", refsource: "MISC", url: "http://secunia.com/secunia_research/2006-9/advisory/", }, { name: "lighttpd-source-code-disclosure(24976)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24976", }, { name: "1015703", refsource: "SECTRACK", url: "http://securitytracker.com/id?1015703", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2006-0814", datePublished: "2006-03-06T21:00:00", dateReserved: "2006-02-21T00:00:00", dateUpdated: "2024-08-07T16:48:56.456Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-1531
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T08:24:42.543Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:21", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2407", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=214892", }, { name: "DSA-1540", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1540", }, { name: "SUSE-SR:2008:011", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html", }, { name: "43788", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/43788", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2136", }, { name: "FEDORA-2008-3343", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00562.html", }, { name: "GLSA-200804-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:18", }, { name: "30023", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/30023", }, { name: "29505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29505", }, { name: "20080331 rPSA-2008-0132-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/490323/100/0/threaded", }, { tags: [ 
"x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0132", }, { name: "28489", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/28489", }, { name: "29636", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29636", }, { name: "ADV-2008-1063", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/1063/references", }, { name: "29544", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29544", }, { name: "lighttpd-sslerror-dos(41545)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41545", }, { name: "29649", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29649", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2140", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2139", }, { name: "FEDORA-2008-3376", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00587.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-03-26T00:00:00", descriptions: [ { lang: "en", value: "The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.", }, ], problemTypes: [ { descriptions: [ { description: 
"n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:21", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-2407", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=214892", }, { name: "DSA-1540", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1540", }, { name: "SUSE-SR:2008:011", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html", }, { name: "43788", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/43788", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2136", }, { name: "FEDORA-2008-3343", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00562.html", }, { name: "GLSA-200804-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { tags: [ "x_refsource_MISC", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:18", }, { name: "30023", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/30023", }, { name: "29505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29505", }, { name: "20080331 rPSA-2008-0132-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/490323/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0132", }, { name: "28489", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/28489", }, { name: "29636", tags: 
[ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29636", }, { name: "ADV-2008-1063", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/1063/references", }, { name: "29544", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29544", }, { name: "lighttpd-sslerror-dos(41545)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41545", }, { name: "29649", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29649", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2140", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2139", }, { name: "FEDORA-2008-3376", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00587.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-1531", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://trac.lighttpd.net/trac/ticket/285#comment:21", refsource: "MISC", url: 
"http://trac.lighttpd.net/trac/ticket/285#comment:21", }, { name: "https://issues.rpath.com/browse/RPL-2407", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-2407", }, { name: "https://bugs.gentoo.org/show_bug.cgi?id=214892", refsource: "CONFIRM", url: "https://bugs.gentoo.org/show_bug.cgi?id=214892", }, { name: "DSA-1540", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1540", }, { name: "SUSE-SR:2008:011", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html", }, { name: "43788", refsource: "OSVDB", url: "http://www.osvdb.org/43788", }, { name: "http://trac.lighttpd.net/trac/changeset/2136", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2136", }, { name: "FEDORA-2008-3343", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00562.html", }, { name: "GLSA-200804-08", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { name: "http://trac.lighttpd.net/trac/ticket/285#comment:18", refsource: "MISC", url: "http://trac.lighttpd.net/trac/ticket/285#comment:18", }, { name: "30023", refsource: "SECUNIA", url: "http://secunia.com/advisories/30023", }, { name: "29505", refsource: "SECUNIA", url: "http://secunia.com/advisories/29505", }, { name: "20080331 rPSA-2008-0132-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/490323/100/0/threaded", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0132", refsource: "CONFIRM", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0132", }, { name: "28489", refsource: "BID", url: "http://www.securityfocus.com/bid/28489", }, { name: "29636", refsource: "SECUNIA", url: "http://secunia.com/advisories/29636", }, { name: "ADV-2008-1063", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/1063/references", }, { name: "29544", refsource: "SECUNIA", url: "http://secunia.com/advisories/29544", }, { name: 
"lighttpd-sslerror-dos(41545)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41545", }, { name: "29649", refsource: "SECUNIA", url: "http://secunia.com/advisories/29649", }, { name: "http://trac.lighttpd.net/trac/changeset/2140", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2140", }, { name: "http://trac.lighttpd.net/trac/changeset/2139", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2139", }, { name: "FEDORA-2008-3376", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00587.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-1531", datePublished: "2008-03-27T23:00:00", dateReserved: "2008-03-27T00:00:00", dateUpdated: "2024-08-07T08:24:42.543Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2014-2324
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:06:00.322Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { name: "66157", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/66157", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { name: "DSA-2877", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { name: "openSUSE-SU-2014:0449", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { name: "57514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/57514", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "openSUSE-SU-2014:0496", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { name: "SUSE-SU-2014:0474", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { name: "57404", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/57404", }, { name: "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { name: "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", 
"x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-12T00:00:00", descriptions: [ { lang: "en", value: "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-19T04:06:10", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { name: "66157", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/66157", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { name: "DSA-2877", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { name: "openSUSE-SU-2014:0449", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { name: "57514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/57514", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "openSUSE-SU-2014:0496", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { name: 
"SUSE-SU-2014:0474", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { name: "57404", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/57404", }, { name: "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { name: "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-2324", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. 
(dot dot) in the host name, related to request_check_hostname.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.lighttpd.net/2014/3/12/1.4.35/", refsource: "CONFIRM", url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { name: "66157", refsource: "BID", url: "http://www.securityfocus.com/bid/66157", }, { name: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", refsource: "CONFIRM", url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { name: "DSA-2877", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2877", }, { name: "openSUSE-SU-2014:0449", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { name: "57514", refsource: "SECUNIA", url: "http://secunia.com/advisories/57514", }, { name: "HPSBGN03191", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "openSUSE-SU-2014:0496", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { name: "SUSE-SU-2014:0474", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { name: "57404", refsource: "SECUNIA", url: "http://secunia.com/advisories/57404", }, { name: "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q1/564", }, { name: "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q1/561", }, { name: "JVN#37417423", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-2324", datePublished: "2014-03-14T15:00:00", 
dateReserved: "2014-03-12T00:00:00", dateUpdated: "2024-08-06T10:06:00.322Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2019-11072
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
https://redmine.lighttpd.net/issues/2945 | x_refsource_MISC | |
https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354 | x_refsource_MISC | |
http://www.securityfocus.com/bid/107907 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { metrics: [ { other: { content: { id: "CVE-2019-11072", options: [ { Exploitation: "poc", }, { Automatable: "no", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-06-11T20:27:33.982094Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-06-11T20:27:43.773Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-04T22:40:16.264Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://redmine.lighttpd.net/issues/2945", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { name: "107907", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/107907", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. 
This is not exploitable beyond triggering the explicit abort() with subsequent application exit.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2019-04-23T19:33:44", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://redmine.lighttpd.net/issues/2945", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { name: "107907", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/107907", }, ], tags: [ "disputed", ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2019-11072", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "** DISPUTED ** lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. 
This is not exploitable beyond triggering the explicit abort() with subsequent application exit.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://redmine.lighttpd.net/issues/2945", refsource: "MISC", url: "https://redmine.lighttpd.net/issues/2945", }, { name: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", refsource: "MISC", url: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { name: "107907", refsource: "BID", url: "http://www.securityfocus.com/bid/107907", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2019-11072", datePublished: "2019-04-10T21:04:57", dateReserved: "2019-04-10T00:00:00", dateUpdated: "2024-08-04T22:40:16.264Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-3947
Vulnerability from cvelistv5
▼ | URL | Tags |
---|---|---|
http://secunia.com/advisories/26158 | third-party-advisory, x_refsource_SECUNIA | |
http://trac.lighttpd.net/trac/changeset/1869 | x_refsource_MISC | |
http://osvdb.org/38313 | vdb-entry, x_refsource_OSVDB | |
http://www.vupen.com/english/advisories/2007/2585 | vdb-entry, x_refsource_VUPEN | |
http://secunia.com/advisories/26130 | third-party-advisory, x_refsource_SECUNIA | |
http://www.securityfocus.com/archive/1/474131/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/24967 | vdb-entry, x_refsource_BID | |
http://secunia.com/advisories/26593 | third-party-advisory, x_refsource_SECUNIA | |
http://trac.lighttpd.net/trac/ticket/1232 | x_refsource_CONFIRM | |
http://www.debian.org/security/2007/dsa-1362 | vendor-advisory, x_refsource_DEBIAN | |
http://security.gentoo.org/glsa/glsa-200708-11.xml | vendor-advisory, x_refsource_GENTOO | |
http://www.novell.com/linux/security/advisories/2007_15_sr.html | vendor-advisory, x_refsource_SUSE | |
http://secunia.com/advisories/26505 | third-party-advisory, x_refsource_SECUNIA |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T14:37:05.379Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26158", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/1869", }, { name: "38313", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/38313", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26130", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26593", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1232", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26505", }, ], title: "CVE 
Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-06-11T00:00:00", descriptions: [ { lang: "en", value: "request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26158", }, { tags: [ "x_refsource_MISC", ], url: "http://trac.lighttpd.net/trac/changeset/1869", }, { name: "38313", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/38313", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26130", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26593", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1232", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: 
"http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26505", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-3947", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "26158", refsource: "SECUNIA", url: "http://secunia.com/advisories/26158", }, { name: "http://trac.lighttpd.net/trac/changeset/1869", refsource: "MISC", url: "http://trac.lighttpd.net/trac/changeset/1869", }, { name: "38313", refsource: "OSVDB", url: "http://osvdb.org/38313", }, { name: "ADV-2007-2585", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", refsource: "SECUNIA", url: "http://secunia.com/advisories/26130", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", refsource: "BID", url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", refsource: "SECUNIA", url: "http://secunia.com/advisories/26593", }, { name: "http://trac.lighttpd.net/trac/ticket/1232", refsource: 
"CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1232", }, { name: "DSA-1362", refsource: "DEBIAN", url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "SUSE-SR:2007:015", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", refsource: "SECUNIA", url: "http://secunia.com/advisories/26505", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-3947", datePublished: "2007-07-24T00:00:00", dateReserved: "2007-07-23T00:00:00", dateUpdated: "2024-08-07T14:37:05.379Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2011-4362
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:09:18.360Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "47260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/47260", }, { name: "20111224 Lighttpd Proof of Concept code for CVE-2011-4362", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://archives.neohapsis.com/archives/bugtraq/2011-12/0167.html", }, { name: "[oss-security] 20111129 CVE Request: lighttpd/mod_auth out-of-bounds read due to signedness error", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/8", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=758624", }, { name: "DSA-2368", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2011/dsa-2368", }, { name: "18295", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "http://www.exploit-db.com/exploits/18295", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://blog.pi3.com.pl/?p=277", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2011_01.txt", }, { name: "[oss-security] 20111129 Re: CVE Request: lighttpd/mod_auth out-of-bounds read due to signedness error", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/13", }, { name: "1026359", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1026359", }, { name: "lighttpd-base64-dos(71536)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/71536", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: 
"http://redmine.lighttpd.net/issues/2370", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2011-11-29T00:00:00", descriptions: [ { lang: "en", value: "Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-19T04:06:08", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "47260", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/47260", }, { name: "20111224 Lighttpd Proof of Concept code for CVE-2011-4362", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://archives.neohapsis.com/archives/bugtraq/2011-12/0167.html", }, { name: "[oss-security] 20111129 CVE Request: lighttpd/mod_auth out-of-bounds read due to signedness error", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/8", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=758624", }, { name: "DSA-2368", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2011/dsa-2368", }, { name: "18295", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "http://www.exploit-db.com/exploits/18295", }, { tags: [ "x_refsource_MISC", ], url: "http://blog.pi3.com.pl/?p=277", }, { tags: [ "x_refsource_CONFIRM", ], url: 
"http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2011_01.txt", }, { name: "[oss-security] 20111129 Re: CVE Request: lighttpd/mod_auth out-of-bounds read due to signedness error", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/13", }, { name: "1026359", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1026359", }, { name: "lighttpd-base64-dos(71536)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/71536", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://redmine.lighttpd.net/issues/2370", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2011-4362", datePublished: "2011-12-24T19:00:00", dateReserved: "2011-11-04T00:00:00", dateUpdated: "2024-08-07T00:09:18.360Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-3946
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T14:37:05.572Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26158", }, { name: "38314", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/38314", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1550", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26130", }, { name: "38316", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/38316", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "38317", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/38317", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/1875", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: 
"http://trac.lighttpd.net/trac/browser/branches/lighttpd-1.4.x/NEWS?rev=1875", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1554", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "38315", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/38315", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26505", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-07-19T00:00:00", descriptions: [ { lang: "en", value: "mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26158", }, { name: "38314", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/38314", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1550", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26130", }, { name: "38316", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: 
"http://osvdb.org/38316", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "38317", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/38317", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { tags: [ "x_refsource_MISC", ], url: "http://trac.lighttpd.net/trac/changeset/1875", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/browser/branches/lighttpd-1.4.x/NEWS?rev=1875", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1554", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "38315", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/38315", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26505", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-3946", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) 
via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "26158", refsource: "SECUNIA", url: "http://secunia.com/advisories/26158", }, { name: "38314", refsource: "OSVDB", url: "http://osvdb.org/38314", }, { name: "ADV-2007-2585", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "https://issues.rpath.com/browse/RPL-1550", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-1550", }, { name: "26130", refsource: "SECUNIA", url: "http://secunia.com/advisories/26130", }, { name: "38316", refsource: "OSVDB", url: "http://osvdb.org/38316", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", refsource: "BID", url: "http://www.securityfocus.com/bid/24967", }, { name: "38317", refsource: "OSVDB", url: "http://osvdb.org/38317", }, { name: "26593", refsource: "SECUNIA", url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", refsource: "DEBIAN", url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "http://trac.lighttpd.net/trac/changeset/1875", refsource: "MISC", url: "http://trac.lighttpd.net/trac/changeset/1875", }, { name: "GLSA-200708-11", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "http://trac.lighttpd.net/trac/browser/branches/lighttpd-1.4.x/NEWS?rev=1875", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/browser/branches/lighttpd-1.4.x/NEWS?rev=1875", }, { name: "https://issues.rpath.com/browse/RPL-1554", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-1554", }, { name: "SUSE-SR:2007:015", refsource: "SUSE", url: 
"http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "38315", refsource: "OSVDB", url: "http://osvdb.org/38315", }, { name: "26505", refsource: "SECUNIA", url: "http://secunia.com/advisories/26505", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-3946", datePublished: "2007-07-24T00:00:00", dateReserved: "2007-07-23T00:00:00", dateUpdated: "2024-08-07T14:37:05.572Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2005-0453
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| http://security.gentoo.org/glsa/glsa-200502-21.xml | vendor-advisory, x_refsource_GENTOO |
| http://secunia.com/advisories/14297 | third-party-advisory, x_refsource_SECUNIA |
| http://article.gmane.org/gmane.comp.web.lighttpd/1171 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T21:13:54.155Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "GLSA-200502-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200502-21.xml", }, { name: "14297", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/14297", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://article.gmane.org/gmane.comp.web.lighttpd/1171", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2005-02-15T00:00:00", descriptions: [ { lang: "en", value: "The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-06-15T16:38:25", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "GLSA-200502-21", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200502-21.xml", }, { name: "14297", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/14297", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://article.gmane.org/gmane.comp.web.lighttpd/1171", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2005-0453", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: 
"CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "GLSA-200502-21", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200502-21.xml", }, { name: "14297", refsource: "SECUNIA", url: "http://secunia.com/advisories/14297", }, { name: "http://article.gmane.org/gmane.comp.web.lighttpd/1171", refsource: "CONFIRM", url: "http://article.gmane.org/gmane.comp.web.lighttpd/1171", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2005-0453", datePublished: "2005-02-16T05:00:00", dateReserved: "2005-02-16T00:00:00", dateUpdated: "2024-08-07T21:13:54.155Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2012-5533
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T21:05:47.345Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2012/11/21/1", }, { name: "openSUSE-SU-2012:1532", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", }, { name: "22902", tags: [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred", ], url: "http://www.exploit-db.com/exploits/22902", }, { name: "1027802", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id?1027802", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", }, { name: "51268", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51268", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", }, { name: "87623", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/87623", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "MDVSA-2013:100", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", "x_transferred", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100", }, { name: 
"lighttpd-httprequestsplitvalue-dos(80213)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213", }, { name: "51298", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/51298", }, { name: "openSUSE-SU-2014:0074", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html", }, { name: "56619", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/56619", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2012-11-21T00:00:00", descriptions: [ { lang: "en", value: "The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the \"Connection: TE,,Keep-Alive\" header.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-28T12:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2012/11/21/1", }, { name: "openSUSE-SU-2012:1532", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", }, { name: "22902", tags: [ "exploit", "x_refsource_EXPLOIT-DB", ], url: "http://www.exploit-db.com/exploits/22902", }, { name: "1027802", tags: [ "vdb-entry", 
"x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id?1027802", }, { tags: [ "x_refsource_MISC", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", }, { tags: [ "x_refsource_MISC", ], url: "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", }, { name: "51268", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51268", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", }, { name: "87623", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/87623", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "MDVSA-2013:100", tags: [ "vendor-advisory", "x_refsource_MANDRIVA", ], url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100", }, { name: "lighttpd-httprequestsplitvalue-dos(80213)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213", }, { name: "51298", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/51298", }, { name: "openSUSE-SU-2014:0074", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html", }, { name: "56619", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/56619", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secalert@redhat.com", ID: "CVE-2012-5533", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "The http_request_split_value function in request.c in 
lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the \"Connection: TE,,Keep-Alive\" header.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2012/11/21/1", }, { name: "openSUSE-SU-2012:1532", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html", }, { name: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", refsource: "CONFIRM", url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", }, { name: "22902", refsource: "EXPLOIT-DB", url: "http://www.exploit-db.com/exploits/22902", }, { name: "1027802", refsource: "SECTRACK", url: "http://www.securitytracker.com/id?1027802", }, { name: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", refsource: "MISC", url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", }, { name: "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", refsource: "MISC", url: "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", }, { name: "51268", refsource: "SECUNIA", url: "http://secunia.com/advisories/51268", }, { name: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", refsource: "CONFIRM", url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", }, { name: "87623", refsource: "OSVDB", url: "http://osvdb.org/87623", }, { name: "HPSBGN03191", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "MDVSA-2013:100", refsource: "MANDRIVA", url: 
"http://www.mandriva.com/security/advisories?name=MDVSA-2013:100", }, { name: "lighttpd-httprequestsplitvalue-dos(80213)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213", }, { name: "51298", refsource: "SECUNIA", url: "http://secunia.com/advisories/51298", }, { name: "openSUSE-SU-2014:0074", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html", }, { name: "56619", refsource: "BID", url: "http://www.securityfocus.com/bid/56619", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2012-5533", datePublished: "2012-11-24T20:00:00", dateReserved: "2012-10-24T00:00:00", dateUpdated: "2024-08-06T21:05:47.345Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-4360
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:17:08.423Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "32069", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32069", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch", }, { name: "32972", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32972", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "31600", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/31600", }, { name: "32834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32834", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2283", }, { name: "lighttpd-moduserdir-info-disclosure(45689)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45689", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32132", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2308", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { 
name: "ADV-2008-2741", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "[oss-security] 20080930 Re: Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { name: "32480", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32480", }, { name: "SUSE-SR:2008:026", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1589", }, { name: "GLSA-200812-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-09-30T00:00:00", descriptions: [ { lang: "en", value: "mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a .PHP file when there is a configuration rule for .php files.", }, ], problemTypes: 
[ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "32069", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32069", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch", }, { name: "32972", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32972", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "31600", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/31600", }, { name: "32834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32834", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2283", }, { name: "lighttpd-moduserdir-info-disclosure(45689)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45689", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32132", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2308", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { name: "ADV-2008-2741", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", tags: [ 
"vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "[oss-security] 20080930 Re: Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { name: "32480", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32480", }, { name: "SUSE-SR:2008:026", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1589", }, { name: "GLSA-200812-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-4360", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a .PHP file when there is a configuration rule for .php files.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { 
name: "32069", refsource: "SECUNIA", url: "http://secunia.com/advisories/32069", }, { name: "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch", refsource: "CONFIRM", url: "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch", }, { name: "32972", refsource: "SECUNIA", url: "http://secunia.com/advisories/32972", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "31600", refsource: "BID", url: "http://www.securityfocus.com/bid/31600", }, { name: "32834", refsource: "SECUNIA", url: "http://secunia.com/advisories/32834", }, { name: "http://trac.lighttpd.net/trac/changeset/2283", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2283", }, { name: "lighttpd-moduserdir-info-disclosure(45689)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45689", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", refsource: "CONFIRM", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", refsource: "SECUNIA", url: "http://secunia.com/advisories/32132", }, { name: "http://trac.lighttpd.net/trac/changeset/2308", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2308", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { name: "ADV-2008-2741", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "[oss-security] 20080930 Re: Re: CVE request: lighttpd issues", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { name: "[oss-security] 20080930 Re: 
CVE request: lighttpd issues", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { name: "32480", refsource: "SECUNIA", url: "http://secunia.com/advisories/32480", }, { name: "SUSE-SR:2008:026", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { name: "http://trac.lighttpd.net/trac/ticket/1589", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1589", }, { name: "GLSA-200812-04", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { name: "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt", refsource: "CONFIRM", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-4360", datePublished: "2008-10-03T17:18:00", dateReserved: "2008-09-30T00:00:00", dateUpdated: "2024-08-07T10:17:08.423Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
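CVE-2008-4359
Vulnerability record from cvelistv5 — lighttpd before 1.4.20: URIs are compared to url.redirect / url.rewrite patterns before URL decoding. The record's structured `affected` fields are "n/a"; the version bound is stated only in the description text.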
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:17:08.779Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "32069", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32069", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2307", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt", }, { name: "32972", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32972", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2278", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "31599", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/31599", }, { name: "32834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32834", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1720", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2309", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32132", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: 
"http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2310", }, { name: "ADV-2008-2741", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "[oss-security] 20080930 Re: Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { name: "lighttpd-urlredirect-rewrite-info-disclosure(45690)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45690", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { name: "32480", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32480", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch", }, { name: "SUSE-SR:2008:026", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { name: "GLSA-200812-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-09-30T00:00:00", descriptions: [ { lang: "en", value: "lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) 
url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "32069", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32069", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2307", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt", }, { name: "32972", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32972", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2278", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "31599", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/31599", }, { name: "32834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32834", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1720", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2309", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32132", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: 
"http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2310", }, { name: "ADV-2008-2741", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "[oss-security] 20080930 Re: Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { name: "lighttpd-urlredirect-rewrite-info-disclosure(45690)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45690", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { name: "32480", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32480", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch", }, { name: "SUSE-SR:2008:026", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { name: "GLSA-200812-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-4359", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect 
and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "32069", refsource: "SECUNIA", url: "http://secunia.com/advisories/32069", }, { name: "http://trac.lighttpd.net/trac/changeset/2307", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2307", }, { name: "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt", refsource: "CONFIRM", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt", }, { name: "32972", refsource: "SECUNIA", url: "http://secunia.com/advisories/32972", }, { name: "http://trac.lighttpd.net/trac/changeset/2278", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2278", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "31599", refsource: "BID", url: "http://www.securityfocus.com/bid/31599", }, { name: "32834", refsource: "SECUNIA", url: "http://secunia.com/advisories/32834", }, { name: "http://trac.lighttpd.net/trac/ticket/1720", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1720", }, { name: "http://trac.lighttpd.net/trac/changeset/2309", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2309", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", refsource: "CONFIRM", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", refsource: "SECUNIA", url: "http://secunia.com/advisories/32132", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", refsource: "BUGTRAQ", url: 
"http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { name: "http://trac.lighttpd.net/trac/changeset/2310", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2310", }, { name: "ADV-2008-2741", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "[oss-security] 20080930 Re: Re: CVE request: lighttpd issues", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { name: "lighttpd-urlredirect-rewrite-info-disclosure(45690)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45690", }, { name: "[oss-security] 20080930 Re: CVE request: lighttpd issues", refsource: "MLIST", url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { name: "32480", refsource: "SECUNIA", url: "http://secunia.com/advisories/32480", }, { name: "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch", refsource: "CONFIRM", url: "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch", }, { name: "SUSE-SR:2008:026", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { name: "GLSA-200812-04", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-4359", datePublished: "2008-10-03T17:18:00", dateReserved: "2008-09-30T00:00:00", dateUpdated: "2024-08-07T10:17:08.779Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
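CVE-2014-2323
Vulnerability record from cvelistv5 — lighttpd before 1.4.35: SQL injection in mod_mysql_vhost.c via the host name. The record's structured `affected` fields are "n/a"; the version bound is stated only in the description text.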
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T10:06:00.483Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { name: "DSA-2877", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { name: "openSUSE-SU-2014:0449", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { name: "57514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/57514", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "openSUSE-SU-2014:0496", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { name: "SUSE-SU-2014:0474", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { name: "57404", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/57404", }, { name: "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { name: "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { name: "JVN#37417423", tags: [ 
"third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2014-03-12T00:00:00", descriptions: [ { lang: "en", value: "SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-19T04:06:07", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { name: "DSA-2877", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { name: "openSUSE-SU-2014:0449", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { name: "57514", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/57514", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { name: "openSUSE-SU-2014:0496", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { name: "SUSE-SU-2014:0474", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { name: "57404", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/57404", }, { name: 
"[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { name: "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2014-2323", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.lighttpd.net/2014/3/12/1.4.35/", refsource: "CONFIRM", url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { name: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", refsource: "CONFIRM", url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { name: "DSA-2877", refsource: "DEBIAN", url: "http://www.debian.org/security/2014/dsa-2877", }, { name: "openSUSE-SU-2014:0449", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { name: "57514", refsource: "SECUNIA", url: "http://secunia.com/advisories/57514", }, { name: "HPSBGN03191", refsource: "HP", url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { 
name: "openSUSE-SU-2014:0496", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { name: "SUSE-SU-2014:0474", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { name: "57404", refsource: "SECUNIA", url: "http://secunia.com/advisories/57404", }, { name: "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q1/564", }, { name: "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request", refsource: "MLIST", url: "http://seclists.org/oss-sec/2014/q1/561", }, { name: "JVN#37417423", refsource: "JVN", url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2014-2323", datePublished: "2014-03-14T15:00:00", dateReserved: "2014-03-12T00:00:00", dateUpdated: "2024-08-06T10:06:00.483Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
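CVE-2007-1870
Vulnerability record from cvelistv5 — lighttpd before 1.4.14: denial of service (NULL pointer dereference) on a request to a file whose mtime is 0. The record's structured `affected` fields are "n/a"; the version bound is stated only in the description text.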
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T13:13:41.739Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "25613", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/25613", }, { name: "GLSA-200705-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { name: "ADV-2007-1399", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/1399", }, { name: "24947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24947", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt", }, { name: "SUSE-SR:2007:007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { name: "24995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24995", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1218", }, { name: "DSA-1303", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2007/dsa-1303", }, { name: "lighttpd-mtime-dos(33678)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33678", }, { name: "23515", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/23515", }, { name: "20070420 FLEA-2007-0011-1: lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { name: "25166", tags: [ "third-party-advisory", "x_refsource_SECUNIA", 
"x_transferred", ], url: "http://secunia.com/advisories/25166", }, { name: "24886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24886", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-04-16T00:00:00", descriptions: [ { lang: "en", value: "lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "25613", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25613", }, { name: "GLSA-200705-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { name: "ADV-2007-1399", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/1399", }, { name: "24947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24947", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt", }, { name: "SUSE-SR:2007:007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { name: "24995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24995", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1218", }, { name: "DSA-1303", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2007/dsa-1303", }, { name: "lighttpd-mtime-dos(33678)", 
tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33678", }, { name: "23515", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/23515", }, { name: "20070420 FLEA-2007-0011-1: lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { name: "25166", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25166", }, { name: "24886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24886", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-1870", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "25613", refsource: "SECUNIA", url: "http://secunia.com/advisories/25613", }, { name: "GLSA-200705-07", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { name: "ADV-2007-1399", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/1399", }, { name: "24947", refsource: "SECUNIA", url: "http://secunia.com/advisories/24947", }, { name: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt", refsource: "CONFIRM", url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt", }, { name: "SUSE-SR:2007:007", refsource: "SUSE", url: 
"http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { name: "24995", refsource: "SECUNIA", url: "http://secunia.com/advisories/24995", }, { name: "https://issues.rpath.com/browse/RPL-1218", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-1218", }, { name: "DSA-1303", refsource: "DEBIAN", url: "http://www.debian.org/security/2007/dsa-1303", }, { name: "lighttpd-mtime-dos(33678)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33678", }, { name: "23515", refsource: "BID", url: "http://www.securityfocus.com/bid/23515", }, { name: "20070420 FLEA-2007-0011-1: lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { name: "25166", refsource: "SECUNIA", url: "http://secunia.com/advisories/25166", }, { name: "24886", refsource: "SECUNIA", url: "http://secunia.com/advisories/24886", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-1870", datePublished: "2007-04-18T02:20:00", dateReserved: "2007-04-05T00:00:00", dateUpdated: "2024-08-07T13:13:41.739Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-4298
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T10:08:34.967Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "32069", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32069", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=238180", }, { name: "32972", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32972", }, { name: "[oss-security] 20080926 CVE Request (lighttpd)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2008/09/26/5", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2305", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "lighttpd-httprequestparse-dos(45471)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45471", }, { name: "32834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32834", }, { name: "31434", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/31434", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32132", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { name: "ADV-2008-2741", 
tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "32480", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/32480", }, { name: "SUSE-SR:2008:026", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1774", }, { name: "GLSA-200812-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-09-26T00:00:00", descriptions: [ { lang: "en", value: "Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "32069", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32069", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://bugs.gentoo.org/show_bug.cgi?id=238180", }, { name: "32972", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32972", }, { name: "[oss-security] 20080926 CVE Request (lighttpd)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: 
"http://www.openwall.com/lists/oss-security/2008/09/26/5", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2305", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "lighttpd-httprequestparse-dos(45471)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45471", }, { name: "32834", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32834", }, { name: "31434", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/31434", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32132", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { name: "ADV-2008-2741", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "32480", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/32480", }, { name: "SUSE-SR:2008:026", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1774", }, { name: "GLSA-200812-04", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-4298", 
STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "32069", refsource: "SECUNIA", url: "http://secunia.com/advisories/32069", }, { name: "http://bugs.gentoo.org/show_bug.cgi?id=238180", refsource: "CONFIRM", url: "http://bugs.gentoo.org/show_bug.cgi?id=238180", }, { name: "32972", refsource: "SECUNIA", url: "http://secunia.com/advisories/32972", }, { name: "[oss-security] 20080926 CVE Request (lighttpd)", refsource: "MLIST", url: "http://www.openwall.com/lists/oss-security/2008/09/26/5", }, { name: "http://trac.lighttpd.net/trac/changeset/2305", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2305", }, { name: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", refsource: "CONFIRM", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { name: "lighttpd-httprequestparse-dos(45471)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45471", }, { name: "32834", refsource: "SECUNIA", url: "http://secunia.com/advisories/32834", }, { name: "31434", refsource: "BID", url: "http://www.securityfocus.com/bid/31434", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", refsource: "CONFIRM", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { name: "32132", refsource: "SECUNIA", url: "http://secunia.com/advisories/32132", }, { name: 
"http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt", refsource: "CONFIRM", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt", }, { name: "20081030 rPSA-2008-0309-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { name: "ADV-2008-2741", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/2741", }, { name: "DSA-1645", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1645", }, { name: "32480", refsource: "SECUNIA", url: "http://secunia.com/advisories/32480", }, { name: "SUSE-SR:2008:026", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { name: "http://trac.lighttpd.net/trac/ticket/1774", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1774", }, { name: "GLSA-200812-04", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-4298", datePublished: "2008-09-27T00:00:00", dateReserved: "2008-09-26T00:00:00", dateUpdated: "2024-08-07T10:08:34.967Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2010-0295
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T00:45:11.703Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "38403", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/38403", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2711", }, { name: "ADV-2011-0172", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2011/0172", }, { name: "39765", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/39765", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://redmine.lighttpd.net/issues/2147", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt", }, { name: "FEDORA-2010-7643", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041307.html", }, { name: "lighttpd-slow-request-dos(56038)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/56038", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://blogs.sun.com/security/entry/cve_2010_0295_vulnerability_in", }, { name: "FEDORA-2010-7636", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041264.html", }, { name: "DSA-1987", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2010/dsa-1987", }, { name: "SUSE-SR:2010:003", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html", }, { tags: [ 
"x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.x_fix_slow_request_dos.patch", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2710", }, { name: "38036", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/38036", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.5_fix_slow_request_dos.patch", }, { name: "[oss-security] 20100202 lighttpd: slow request dos/oom attack [CVE-2010-0295]", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2010/02/01/8", }, { name: "FEDORA-2010-7611", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041296.html", }, { name: "GLSA-201006-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-201006-17.xml", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2010-02-02T00:00:00", descriptions: [ { lang: "en", value: "lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-08-16T14:57:01", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "38403", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/38403", }, { tags: [ 
"x_refsource_CONFIRM", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2711", }, { name: "ADV-2011-0172", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2011/0172", }, { name: "39765", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/39765", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://redmine.lighttpd.net/issues/2147", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt", }, { name: "FEDORA-2010-7643", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041307.html", }, { name: "lighttpd-slow-request-dos(56038)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/56038", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://blogs.sun.com/security/entry/cve_2010_0295_vulnerability_in", }, { name: "FEDORA-2010-7636", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041264.html", }, { name: "DSA-1987", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2010/dsa-1987", }, { name: "SUSE-SR:2010:003", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.x_fix_slow_request_dos.patch", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2710", }, { name: "38036", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/38036", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.5_fix_slow_request_dos.patch", }, { name: "[oss-security] 
20100202 lighttpd: slow request dos/oom attack [CVE-2010-0295]", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2010/02/01/8", }, { name: "FEDORA-2010-7611", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041296.html", }, { name: "GLSA-201006-17", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-201006-17.xml", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2010-0295", datePublished: "2010-02-03T19:00:00", dateReserved: "2010-01-12T00:00:00", dateUpdated: "2024-08-07T00:45:11.703Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2006-0760
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://lighttpd.net/news/ | x_refsource_CONFIRM | |
http://www.vupen.com/english/advisories/2006/0550 | vdb-entry, x_refsource_VUPEN | |
http://secunia.com/advisories/18869 | third-party-advisory, x_refsource_SECUNIA | |
http://www.lighttpd.net/news/ | x_refsource_CONFIRM | |
http://www.osvdb.org/23229 | vdb-entry, x_refsource_OSVDB | |
https://exchange.xforce.ibmcloud.com/vulnerabilities/24699 | vdb-entry, x_refsource_XF |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T16:48:55.669Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://lighttpd.net/news/", }, { name: "ADV-2006-0550", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2006/0550", }, { name: "18869", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/18869", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/news/", }, { name: "23229", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://www.osvdb.org/23229", }, { name: "lighttpd-ext-source-disclosure(24699)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24699", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2006-01-15T00:00:00", descriptions: [ { lang: "en", value: "LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP interpreter only for \".php\" names.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2017-07-19T15:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://lighttpd.net/news/", }, { name: "ADV-2006-0550", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2006/0550", }, { name: "18869", tags: [ "third-party-advisory", 
"x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/18869", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/news/", }, { name: "23229", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://www.osvdb.org/23229", }, { name: "lighttpd-ext-source-disclosure(24699)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24699", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2006-0760", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP interpreter only for \".php\" names.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://lighttpd.net/news/", refsource: "CONFIRM", url: "http://lighttpd.net/news/", }, { name: "ADV-2006-0550", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2006/0550", }, { name: "18869", refsource: "SECUNIA", url: "http://secunia.com/advisories/18869", }, { name: "http://www.lighttpd.net/news/", refsource: "CONFIRM", url: "http://www.lighttpd.net/news/", }, { name: "23229", refsource: "OSVDB", url: "http://www.osvdb.org/23229", }, { name: "lighttpd-ext-source-disclosure(24699)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24699", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", 
assignerShortName: "mitre", cveId: "CVE-2006-0760", datePublished: "2006-02-18T02:00:00", dateReserved: "2006-02-18T00:00:00", dateUpdated: "2024-08-07T16:48:55.669Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-1869
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T13:13:41.420Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "25613", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/25613", }, { name: "GLSA-200705-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { name: "ADV-2007-1399", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/1399", }, { name: "24947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24947", }, { name: "SUSE-SR:2007:007", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { name: "lighttpd-rnrn-dos(33671)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33671", }, { name: "24995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24995", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1218", }, { name: "DSA-1303", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2007/dsa-1303", }, { name: "23515", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/23515", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt", }, { name: "20070420 FLEA-2007-0011-1: lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { name: "25166", tags: [ "third-party-advisory", "x_refsource_SECUNIA", 
"x_transferred", ], url: "http://secunia.com/advisories/25166", }, { name: "24886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/24886", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-04-16T00:00:00", descriptions: [ { lang: "en", value: "lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-16T14:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "25613", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25613", }, { name: "GLSA-200705-07", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { name: "ADV-2007-1399", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/1399", }, { name: "24947", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24947", }, { name: "SUSE-SR:2007:007", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { name: "lighttpd-rnrn-dos(33671)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33671", }, { name: "24995", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24995", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1218", }, { name: "DSA-1303", tags: [ "vendor-advisory", 
"x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2007/dsa-1303", }, { name: "23515", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/23515", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt", }, { name: "20070420 FLEA-2007-0011-1: lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { name: "25166", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/25166", }, { name: "24886", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/24886", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-1869", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "25613", refsource: "SECUNIA", url: "http://secunia.com/advisories/25613", }, { name: "GLSA-200705-07", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { name: "ADV-2007-1399", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/1399", }, { name: "24947", refsource: "SECUNIA", url: "http://secunia.com/advisories/24947", }, { name: "SUSE-SR:2007:007", refsource: "SUSE", url: 
"http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { name: "lighttpd-rnrn-dos(33671)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33671", }, { name: "24995", refsource: "SECUNIA", url: "http://secunia.com/advisories/24995", }, { name: "https://issues.rpath.com/browse/RPL-1218", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-1218", }, { name: "DSA-1303", refsource: "DEBIAN", url: "http://www.debian.org/security/2007/dsa-1303", }, { name: "23515", refsource: "BID", url: "http://www.securityfocus.com/bid/23515", }, { name: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt", refsource: "CONFIRM", url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt", }, { name: "20070420 FLEA-2007-0011-1: lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { name: "25166", refsource: "SECUNIA", url: "http://secunia.com/advisories/25166", }, { name: "24886", refsource: "SECUNIA", url: "http://secunia.com/advisories/24886", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-1869", datePublished: "2007-04-18T02:20:00", dateReserved: "2007-04-05T00:00:00", dateUpdated: "2024-08-07T13:13:41.420Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-3949
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T14:37:05.559Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it", }, { name: "38311", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/38311", }, { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26158", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26130", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/1871", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1230", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ 
"third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26505", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-06-15T00:00:00", descriptions: [ { lang: "en", value: "mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it", }, { name: "38311", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/38311", }, { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26158", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26130", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { tags: [ 
"x_refsource_MISC", ], url: "http://trac.lighttpd.net/trac/changeset/1871", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1230", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26505", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-3949", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it", refsource: "CONFIRM", url: "http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it", }, { name: "38311", refsource: "OSVDB", url: "http://osvdb.org/38311", }, { name: "26158", refsource: "SECUNIA", url: "http://secunia.com/advisories/26158", }, { name: "ADV-2007-2585", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", refsource: "SECUNIA", url: "http://secunia.com/advisories/26130", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", refsource: "BID", url: "http://www.securityfocus.com/bid/24967", }, { name: "26593", refsource: "SECUNIA", url: "http://secunia.com/advisories/26593", }, { name: "DSA-1362", refsource: 
"DEBIAN", url: "http://www.debian.org/security/2007/dsa-1362", }, { name: "GLSA-200708-11", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "http://trac.lighttpd.net/trac/changeset/1871", refsource: "MISC", url: "http://trac.lighttpd.net/trac/changeset/1871", }, { name: "http://trac.lighttpd.net/trac/ticket/1230", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1230", }, { name: "SUSE-SR:2007:015", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", refsource: "SECUNIA", url: "http://secunia.com/advisories/26505", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-3949", datePublished: "2007-07-24T00:00:00", dateReserved: "2007-07-23T00:00:00", dateUpdated: "2024-08-07T14:37:05.559Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-3948
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://secunia.com/advisories/26158 | third-party-advisory, x_refsource_SECUNIA | |
http://trac.lighttpd.net/trac/changeset/1873 | x_refsource_MISC | |
http://www.vupen.com/english/advisories/2007/2585 | vdb-entry, x_refsource_VUPEN | |
http://secunia.com/advisories/26130 | third-party-advisory, x_refsource_SECUNIA | |
http://www.debian.org/security/2008/dsa-1609 | vendor-advisory, x_refsource_DEBIAN | |
http://www.securityfocus.com/archive/1/474131/100/0/threaded | mailing-list, x_refsource_BUGTRAQ | |
http://www.securityfocus.com/bid/24967 | vdb-entry, x_refsource_BID | |
http://security.gentoo.org/glsa/glsa-200708-11.xml | vendor-advisory, x_refsource_GENTOO | |
http://secunia.com/advisories/31104 | third-party-advisory, x_refsource_SECUNIA | |
http://trac.lighttpd.net/trac/ticket/1216 | x_refsource_CONFIRM | |
http://www.novell.com/linux/security/advisories/2007_15_sr.html | vendor-advisory, x_refsource_SUSE | |
http://secunia.com/advisories/26505 | third-party-advisory, x_refsource_SECUNIA | |
http://osvdb.org/38312 | vdb-entry, x_refsource_OSVDB |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T14:37:05.972Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26158", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/1873", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26130", }, { name: "DSA-1609", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1609", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "31104", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/31104", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1216", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26505", }, { name: "38312", tags: [ "vdb-entry", "x_refsource_OSVDB", "x_transferred", ], url: "http://osvdb.org/38312", }, ], title: "CVE 
Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-06-15T00:00:00", descriptions: [ { lang: "en", value: "connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "26158", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26158", }, { tags: [ "x_refsource_MISC", ], url: "http://trac.lighttpd.net/trac/changeset/1873", }, { name: "ADV-2007-2585", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26130", }, { name: "DSA-1609", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1609", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/24967", }, { name: "GLSA-200708-11", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "31104", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/31104", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1216", }, { name: "SUSE-SR:2007:015", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: 
"http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26505", }, { name: "38312", tags: [ "vdb-entry", "x_refsource_OSVDB", ], url: "http://osvdb.org/38312", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-3948", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "26158", refsource: "SECUNIA", url: "http://secunia.com/advisories/26158", }, { name: "http://trac.lighttpd.net/trac/changeset/1873", refsource: "MISC", url: "http://trac.lighttpd.net/trac/changeset/1873", }, { name: "ADV-2007-2585", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/2585", }, { name: "26130", refsource: "SECUNIA", url: "http://secunia.com/advisories/26130", }, { name: "DSA-1609", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1609", }, { name: "20070719 rPSA-2007-0145-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { name: "24967", refsource: "BID", url: "http://www.securityfocus.com/bid/24967", }, { name: "GLSA-200708-11", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { name: "31104", refsource: "SECUNIA", url: "http://secunia.com/advisories/31104", }, { name: 
"http://trac.lighttpd.net/trac/ticket/1216", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1216", }, { name: "SUSE-SR:2007:015", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { name: "26505", refsource: "SECUNIA", url: "http://secunia.com/advisories/26505", }, { name: "38312", refsource: "OSVDB", url: "http://osvdb.org/38312", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-3948", datePublished: "2007-07-24T00:00:00", dateReserved: "2007-07-23T00:00:00", dateUpdated: "2024-08-07T14:37:05.972Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2013-4560
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://secunia.com/advisories/55682 | third-party-advisory, x_refsource_SECUNIA | |
http://marc.info/?l=bugtraq&m=141576815022399&w=2 | vendor-advisory, x_refsource_HP | |
http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt | x_refsource_CONFIRM | |
http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html | vendor-advisory, x_refsource_SUSE | |
https://www.debian.org/security/2013/dsa-2795 | vendor-advisory, x_refsource_DEBIAN | |
http://www.openwall.com/lists/oss-security/2013/11/12/4 | mailing-list, x_refsource_MLIST | |
http://jvn.jp/en/jp/JVN37417423/index.html | third-party-advisory, x_refsource_JVN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T16:45:14.824Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "55682", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/55682", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", "x_transferred", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt", }, { name: "openSUSE-SU-2014:0072", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { name: "DSA-2795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { name: "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)", tags: [ "mailing-list", "x_refsource_MLIST", "x_transferred", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", "x_transferred", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2013-11-12T00:00:00", descriptions: [ { lang: "en", value: "Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2021-02-19T04:06:12", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, 
references: [ { name: "55682", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/55682", }, { name: "HPSBGN03191", tags: [ "vendor-advisory", "x_refsource_HP", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt", }, { name: "openSUSE-SU-2014:0072", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { name: "DSA-2795", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { name: "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)", tags: [ "mailing-list", "x_refsource_MLIST", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { name: "JVN#37417423", tags: [ "third-party-advisory", "x_refsource_JVN", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2013-4560", datePublished: "2013-11-19T19:00:00", dateReserved: "2013-06-12T00:00:00", dateUpdated: "2024-08-06T16:45:14.824Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-22707
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
https://redmine.lighttpd.net/issues/3134 | x_refsource_MISC | |
https://www.debian.org/security/2022/dsa-5040 | vendor-advisory, x_refsource_DEBIAN |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T03:21:48.853Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://redmine.lighttpd.net/issues/3134", }, { name: "DSA-5040", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5040", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-01-12T10:06:30", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://redmine.lighttpd.net/issues/3134", }, { name: "DSA-5040", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "https://www.debian.org/security/2022/dsa-5040", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-22707", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the 
mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://redmine.lighttpd.net/issues/3134", refsource: "MISC", url: "https://redmine.lighttpd.net/issues/3134", }, { name: "DSA-5040", refsource: "DEBIAN", url: "https://www.debian.org/security/2022/dsa-5040", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-22707", datePublished: "2022-01-06T05:55:30", dateReserved: "2022-01-06T00:00:00", dateUpdated: "2024-08-03T03:21:48.853Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2007-4727
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T15:08:33.521Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-1715", }, { name: "20070917 FLEA-2007-0054-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/479763/100/0/threaded", }, { name: "FEDORA-2007-2132", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://fedoranews.org/updates/FEDORA-2007-213.shtml", }, { name: "26732", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26732", }, { name: "GLSA-200709-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200709-16.xml", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/", }, { name: "25622", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/25622", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=284511", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt", }, { name: "lighttpd-modfastcgi-code-execution(36526)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/36526", }, { name: "3127", tags: [ "third-party-advisory", "x_refsource_SREASON", "x_transferred", ], url: "http://securityreason.com/securityalert/3127", }, { name: "26997", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26997", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/1986", }, { 
name: "26824", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26824", }, { name: "ADV-2007-3110", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2007/3110", }, { name: "27229", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/27229", }, { name: "26794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/26794", }, { name: "SUSE-SR:2007:020", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://www.novell.com/linux/security/advisories/2007_20_sr.html", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2007-09-10T00:00:00", descriptions: [ { lang: "en", value: "Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a \"header overflow.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-15T20:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-1715", }, { name: "20070917 FLEA-2007-0054-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/479763/100/0/threaded", }, { name: "FEDORA-2007-2132", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://fedoranews.org/updates/FEDORA-2007-213.shtml", }, { name: "26732", tags: [ 
"third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26732", }, { name: "GLSA-200709-16", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://www.gentoo.org/security/en/glsa/glsa-200709-16.xml", }, { tags: [ "x_refsource_MISC", ], url: "http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/", }, { name: "25622", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/25622", }, { tags: [ "x_refsource_MISC", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=284511", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt", }, { name: "lighttpd-modfastcgi-code-execution(36526)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/36526", }, { name: "3127", tags: [ "third-party-advisory", "x_refsource_SREASON", ], url: "http://securityreason.com/securityalert/3127", }, { name: "26997", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26997", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/1986", }, { name: "26824", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26824", }, { name: "ADV-2007-3110", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2007/3110", }, { name: "27229", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/27229", }, { name: "26794", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/26794", }, { name: "SUSE-SR:2007:020", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://www.novell.com/linux/security/advisories/2007_20_sr.html", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2007-4727", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { 
product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a \"header overflow.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://issues.rpath.com/browse/RPL-1715", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-1715", }, { name: "20070917 FLEA-2007-0054-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/479763/100/0/threaded", }, { name: "FEDORA-2007-2132", refsource: "FEDORA", url: "http://fedoranews.org/updates/FEDORA-2007-213.shtml", }, { name: "26732", refsource: "SECUNIA", url: "http://secunia.com/advisories/26732", }, { name: "GLSA-200709-16", refsource: "GENTOO", url: "http://www.gentoo.org/security/en/glsa/glsa-200709-16.xml", }, { name: "http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/", refsource: "MISC", url: "http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/", }, { name: "25622", refsource: "BID", url: "http://www.securityfocus.com/bid/25622", }, { name: "https://bugzilla.redhat.com/show_bug.cgi?id=284511", refsource: "MISC", url: "https://bugzilla.redhat.com/show_bug.cgi?id=284511", }, { name: "http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt", refsource: "CONFIRM", url: "http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt", }, { name: "lighttpd-modfastcgi-code-execution(36526)", refsource: "XF", url: 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/36526", }, { name: "3127", refsource: "SREASON", url: "http://securityreason.com/securityalert/3127", }, { name: "26997", refsource: "SECUNIA", url: "http://secunia.com/advisories/26997", }, { name: "http://trac.lighttpd.net/trac/changeset/1986", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/1986", }, { name: "26824", refsource: "SECUNIA", url: "http://secunia.com/advisories/26824", }, { name: "ADV-2007-3110", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2007/3110", }, { name: "27229", refsource: "SECUNIA", url: "http://secunia.com/advisories/27229", }, { name: "26794", refsource: "SECUNIA", url: "http://secunia.com/advisories/26794", }, { name: "SUSE-SR:2007:020", refsource: "SUSE", url: "http://www.novell.com/linux/security/advisories/2007_20_sr.html", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2007-4727", datePublished: "2007-09-12T19:00:00", dateReserved: "2007-09-05T00:00:00", dateUpdated: "2024-08-07T15:08:33.521Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2015-3200
Vulnerability from cvelistv5
URL | Tags | |
---|---|---|
http://www.securityfocus.com/bid/74813 | vdb-entry, x_refsource_BID | |
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375 | x_refsource_CONFIRM | |
http://redmine.lighttpd.net/issues/2646 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1032405 | vdb-entry, x_refsource_SECTRACK | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html | vendor-advisory, x_refsource_FEDORA | |
http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html | vendor-advisory, x_refsource_FEDORA | |
http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html | x_refsource_MISC | |
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html | x_refsource_CONFIRM | |
https://kc.mcafee.com/corporate/index?page=content&id=SB10310 | x_refsource_CONFIRM |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-06T05:39:31.929Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "74813", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/74813", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://redmine.lighttpd.net/issues/2646", }, { name: "1032405", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1032405", }, { name: "FEDORA-2015-12252", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html", }, { name: "FEDORA-2015-12250", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2015-05-25T00:00:00", descriptions: [ { lang: "en", value: "mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: 
"text", }, ], }, ], providerMetadata: { dateUpdated: "2020-03-18T07:06:06", orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", shortName: "redhat", }, references: [ { name: "74813", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/74813", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://redmine.lighttpd.net/issues/2646", }, { name: "1032405", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1032405", }, { name: "FEDORA-2015-12252", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html", }, { name: "FEDORA-2015-12250", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html", }, { tags: [ "x_refsource_MISC", ], url: "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, ], }, }, cveMetadata: { assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749", assignerShortName: "redhat", cveId: "CVE-2015-3200", datePublished: "2015-06-09T14:00:00", dateReserved: "2015-04-10T00:00:00", dateUpdated: "2024-08-06T05:39:31.929Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-41556
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T12:42:46.654Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50", }, { tags: [ "x_transferred", ], url: "https://github.com/lighttpd/lighttpd1.4/pull/115", }, { tags: [ "x_transferred", ], url: "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67", }, { name: "FEDORA-2022-c26b19568d", tags: [ "vendor-advisory", "x_transferred", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/", }, { name: "GLSA-202210-12", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-12", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. 
This is fixed in 1.4.67.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-31T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50", }, { url: "https://github.com/lighttpd/lighttpd1.4/pull/115", }, { url: "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67", }, { name: "FEDORA-2022-c26b19568d", tags: [ "vendor-advisory", ], url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/", }, { name: "GLSA-202210-12", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-12", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-41556", datePublished: "2022-10-06T00:00:00", dateReserved: "2022-09-26T00:00:00", dateUpdated: "2024-08-03T12:42:46.654Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-37797
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| https://redmine.lighttpd.net/issues/3165 | |
| https://www.debian.org/security/2022/dsa-5243 | vendor-advisory |
| https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html | mailing-list |
| https://security.gentoo.org/glsa/202210-12 | vendor-advisory |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T10:37:41.657Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://redmine.lighttpd.net/issues/3165", }, { name: "DSA-5243", tags: [ "vendor-advisory", "x_transferred", ], url: "https://www.debian.org/security/2022/dsa-5243", }, { name: "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update", tags: [ "mailing-list", "x_transferred", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html", }, { name: "GLSA-202210-12", tags: [ "vendor-advisory", "x_transferred", ], url: "https://security.gentoo.org/glsa/202210-12", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. 
It could be used by an external attacker to cause denial of service condition.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-10-31T00:00:00", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { url: "https://redmine.lighttpd.net/issues/3165", }, { name: "DSA-5243", tags: [ "vendor-advisory", ], url: "https://www.debian.org/security/2022/dsa-5243", }, { name: "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update", tags: [ "mailing-list", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html", }, { name: "GLSA-202210-12", tags: [ "vendor-advisory", ], url: "https://security.gentoo.org/glsa/202210-12", }, ], }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-37797", datePublished: "2022-09-12T00:00:00", dateReserved: "2022-08-08T00:00:00", dateUpdated: "2024-08-03T10:37:41.657Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-1111
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T08:08:57.337Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "29268", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29268", }, { name: "29622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29622", }, { name: "ADV-2008-0763", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/0763", }, { name: "29318", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29318", }, { name: "SUSE-SR:2008:008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "29209", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29209", }, { name: "DSA-1513", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1513", }, { name: "FEDORA-2008-2262", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { name: "28100", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/28100", }, { name: "20080312 rPSA-2008-0106-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { name: "29275", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29275", }, { name: "GLSA-200803-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { 
tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2326", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=211956", }, { name: "FEDORA-2008-2278", tags: [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/changeset/2107", }, { name: "29235", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29235", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { name: "lighttpd-modcgi-information-disclosure(41008)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41008", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-03-02T00:00:00", descriptions: [ { lang: "en", value: "mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { name: "29268", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29268", }, { name: "29622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29622", }, { name: "ADV-2008-0763", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/0763", }, { name: "29318", tags: 
[ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29318", }, { name: "SUSE-SR:2008:008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "29209", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29209", }, { name: "DSA-1513", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: "http://www.debian.org/security/2008/dsa-1513", }, { name: "FEDORA-2008-2262", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { name: "28100", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/28100", }, { name: "20080312 rPSA-2008-0106-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { name: "29275", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29275", }, { name: "GLSA-200803-10", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { tags: [ "x_refsource_MISC", ], url: "https://issues.rpath.com/browse/RPL-2326", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=211956", }, { name: "FEDORA-2008-2278", tags: [ "vendor-advisory", "x_refsource_FEDORA", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/changeset/2107", }, { name: "29235", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29235", }, { tags: [ "x_refsource_MISC", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { name: "lighttpd-modcgi-information-disclosure(41008)", tags: [ "vdb-entry", "x_refsource_XF", ], url: 
"https://exchange.xforce.ibmcloud.com/vulnerabilities/41008", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-1111", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "29268", refsource: "SECUNIA", url: "http://secunia.com/advisories/29268", }, { name: "29622", refsource: "SECUNIA", url: "http://secunia.com/advisories/29622", }, { name: "ADV-2008-0763", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0763", }, { name: "29318", refsource: "SECUNIA", url: "http://secunia.com/advisories/29318", }, { name: "SUSE-SR:2008:008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "29209", refsource: "SECUNIA", url: "http://secunia.com/advisories/29209", }, { name: "DSA-1513", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1513", }, { name: "FEDORA-2008-2262", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { name: "28100", refsource: "BID", url: "http://www.securityfocus.com/bid/28100", }, { name: "20080312 rPSA-2008-0106-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { name: "29275", refsource: "SECUNIA", url: "http://secunia.com/advisories/29275", }, { name: "GLSA-200803-10", refsource: "GENTOO", url: 
"http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { name: "https://issues.rpath.com/browse/RPL-2326", refsource: "MISC", url: "https://issues.rpath.com/browse/RPL-2326", }, { name: "https://bugs.gentoo.org/show_bug.cgi?id=211956", refsource: "CONFIRM", url: "https://bugs.gentoo.org/show_bug.cgi?id=211956", }, { name: "FEDORA-2008-2278", refsource: "FEDORA", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { name: "http://trac.lighttpd.net/trac/changeset/2107", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/changeset/2107", }, { name: "29235", refsource: "SECUNIA", url: "http://secunia.com/advisories/29235", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", refsource: "MISC", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { name: "lighttpd-modcgi-information-disclosure(41008)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41008", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-1111", datePublished: "2008-03-04T23:00:00", dateReserved: "2008-03-02T00:00:00", dateUpdated: "2024-08-07T08:08:57.337Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2008-1270
Vulnerability from cvelistv5
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-07T08:17:34.265Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://issues.rpath.com/browse/RPL-2344", }, { name: "29622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29622", }, { name: "29318", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29318", }, { name: "SUSE-SR:2008:008", tags: [ "vendor-advisory", "x_refsource_SUSE", "x_transferred", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "GLSA-200804-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred", ], url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { name: "DSA-1521", tags: [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred", ], url: "http://www.debian.org/security/2008/dsa-1521", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt", }, { name: "20080312 rPSA-2008-0106-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred", ], url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { name: "29636", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: "http://secunia.com/advisories/29636", }, { name: "ADV-2008-0885", tags: [ "vdb-entry", "x_refsource_VUPEN", "x_transferred", ], url: "http://www.vupen.com/english/advisories/2008/0885/references", }, { name: "28226", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/28226", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://trac.lighttpd.net/trac/ticket/1587", }, { name: "29403", tags: [ "third-party-advisory", "x_refsource_SECUNIA", "x_transferred", ], url: 
"http://secunia.com/advisories/29403", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "http://www.lighttpd.net/2008/3/10/1-4-19-made-in-germany", }, { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=212930", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { name: "lighttpd-moduserdir-information-disclosure(41173)", tags: [ "vdb-entry", "x_refsource_XF", "x_transferred", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41173", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2008-03-10T00:00:00", descriptions: [ { lang: "en", value: "mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-11T19:57:01", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://issues.rpath.com/browse/RPL-2344", }, { name: "29622", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29622", }, { name: "29318", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29318", }, { name: "SUSE-SR:2008:008", tags: [ "vendor-advisory", "x_refsource_SUSE", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "GLSA-200804-08", tags: [ "vendor-advisory", "x_refsource_GENTOO", ], url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { name: "DSA-1521", tags: [ "vendor-advisory", "x_refsource_DEBIAN", ], url: 
"http://www.debian.org/security/2008/dsa-1521", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt", }, { name: "20080312 rPSA-2008-0106-1 lighttpd", tags: [ "mailing-list", "x_refsource_BUGTRAQ", ], url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { name: "29636", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29636", }, { name: "ADV-2008-0885", tags: [ "vdb-entry", "x_refsource_VUPEN", ], url: "http://www.vupen.com/english/advisories/2008/0885/references", }, { name: "28226", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/28226", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://trac.lighttpd.net/trac/ticket/1587", }, { name: "29403", tags: [ "third-party-advisory", "x_refsource_SECUNIA", ], url: "http://secunia.com/advisories/29403", }, { tags: [ "x_refsource_CONFIRM", ], url: "http://www.lighttpd.net/2008/3/10/1-4-19-made-in-germany", }, { tags: [ "x_refsource_CONFIRM", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=212930", }, { tags: [ "x_refsource_MISC", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { name: "lighttpd-moduserdir-information-disclosure(41173)", tags: [ "vdb-entry", "x_refsource_XF", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41173", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2008-1270", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody 
directory.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://issues.rpath.com/browse/RPL-2344", refsource: "CONFIRM", url: "https://issues.rpath.com/browse/RPL-2344", }, { name: "29622", refsource: "SECUNIA", url: "http://secunia.com/advisories/29622", }, { name: "29318", refsource: "SECUNIA", url: "http://secunia.com/advisories/29318", }, { name: "SUSE-SR:2008:008", refsource: "SUSE", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { name: "GLSA-200804-08", refsource: "GENTOO", url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { name: "DSA-1521", refsource: "DEBIAN", url: "http://www.debian.org/security/2008/dsa-1521", }, { name: "http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt", refsource: "CONFIRM", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt", }, { name: "20080312 rPSA-2008-0106-1 lighttpd", refsource: "BUGTRAQ", url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { name: "29636", refsource: "SECUNIA", url: "http://secunia.com/advisories/29636", }, { name: "ADV-2008-0885", refsource: "VUPEN", url: "http://www.vupen.com/english/advisories/2008/0885/references", }, { name: "28226", refsource: "BID", url: "http://www.securityfocus.com/bid/28226", }, { name: "http://trac.lighttpd.net/trac/ticket/1587", refsource: "CONFIRM", url: "http://trac.lighttpd.net/trac/ticket/1587", }, { name: "29403", refsource: "SECUNIA", url: "http://secunia.com/advisories/29403", }, { name: "http://www.lighttpd.net/2008/3/10/1-4-19-made-in-germany", refsource: "CONFIRM", url: "http://www.lighttpd.net/2008/3/10/1-4-19-made-in-germany", }, { name: "https://bugs.gentoo.org/show_bug.cgi?id=212930", refsource: "CONFIRM", url: "https://bugs.gentoo.org/show_bug.cgi?id=212930", }, { name: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", refsource: "MISC", url: 
"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { name: "lighttpd-moduserdir-information-disclosure(41173)", refsource: "XF", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41173", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2008-1270", datePublished: "2008-03-10T21:00:00", dateReserved: "2008-03-10T00:00:00", dateUpdated: "2024-08-07T08:17:34.265Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2022-30780
Vulnerability from cvelistv5
| URL | Tags |
|---|---|
| https://github.com/lighttpd/lighttpd1.4 | x_refsource_MISC |
| https://redmine.lighttpd.net/issues/3059 | x_refsource_MISC |
| https://podalirius.net/en/cves/2022-30780/ | x_refsource_MISC |
| https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service | x_refsource_MISC |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T06:56:14.103Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/lighttpd/lighttpd1.4", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://redmine.lighttpd.net/issues/3059", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://podalirius.net/en/cves/2022-30780/", }, { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], descriptions: [ { lang: "en", value: "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2022-06-11T14:40:53", orgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", shortName: "mitre", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://github.com/lighttpd/lighttpd1.4", }, { tags: [ "x_refsource_MISC", ], url: "https://redmine.lighttpd.net/issues/3059", }, { tags: [ "x_refsource_MISC", ], url: "https://podalirius.net/en/cves/2022-30780/", }, { tags: [ "x_refsource_MISC", ], url: "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "cve@mitre.org", ID: "CVE-2022-30780", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: 
"CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "https://github.com/lighttpd/lighttpd1.4", refsource: "MISC", url: "https://github.com/lighttpd/lighttpd1.4", }, { name: "https://redmine.lighttpd.net/issues/3059", refsource: "MISC", url: "https://redmine.lighttpd.net/issues/3059", }, { name: "https://podalirius.net/en/cves/2022-30780/", refsource: "MISC", url: "https://podalirius.net/en/cves/2022-30780/", }, { name: "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service", refsource: "MISC", url: "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "8254265b-2729-46b6-b9e3-3dfca2d5bfca", assignerShortName: "mitre", cveId: "CVE-2022-30780", datePublished: "2022-06-11T14:40:53", dateReserved: "2022-05-16T00:00:00", dateUpdated: "2024-08-03T06:56:14.103Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-25103
Vulnerability from cvelistv5
{ containers: { adp: [ { affected: [ { cpes: [ "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", ], defaultStatus: "unknown", product: "lighttpd", vendor: "lighttpd", versions: [ { lessThanOrEqual: "1.4.50", status: "affected", version: "0", versionType: "custom", }, ], }, ], metrics: [ { cvssV3_1: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "LOW", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", version: "3.1", }, }, { other: { content: { id: "CVE-2018-25103", options: [ { Exploitation: "none", }, { Automatable: "yes", }, { "Technical Impact": "partial", }, ], role: "CISA Coordinator", timestamp: "2024-07-01T20:51:04.704950Z", version: "2.0.3", }, type: "ssvc", }, }, ], providerMetadata: { dateUpdated: "2024-07-01T20:51:27.271Z", orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0", shortName: "CISA-ADP", }, title: "CISA ADP Vulnrichment", }, { providerMetadata: { dateUpdated: "2024-08-05T12:33:49.277Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_transferred", ], url: "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736", }, { tags: [ "x_transferred", ], url: "https://www.runzero.com/blog/lighttpd/", }, { tags: [ "x_transferred", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9", }, { tags: [ "x_transferred", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8", }, { tags: [ "x_transferred", ], url: "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf", }, { tags: [ "x_transferred", ], url: "https://www.kb.cert.org/vuls/id/312260", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "lighttpd", vendor: 
"lighttpd", versions: [ { lessThanOrEqual: "1.4.50", status: "affected", version: "*", versionType: "custom", }, ], }, ], credits: [ { lang: "en", type: "finder", value: "Thanks to VDOO Embedded Security part of JFROG for reporting the vulnerability in the If-Modified-Since header with line folding, and thanks to Marcus Wengelin for reporting the vulnerability in the Range header with a specially crafted pair of Range headers.", }, ], descriptions: [ { lang: "en", value: "There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.", }, ], problemTypes: [ { descriptions: [ { description: "CWE-416: Use After Free", lang: "en", }, ], }, ], providerMetadata: { dateUpdated: "2024-07-09T14:45:06.732Z", orgId: "37e5125f-f79b-445b-8fad-9564f167944b", shortName: "certcc", }, references: [ { url: "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736", }, { url: "https://www.runzero.com/blog/lighttpd/", }, { url: "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9", }, { url: "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8", }, { url: "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf", }, { url: "https://www.kb.cert.org/vuls/id/312260", }, ], source: { discovery: "EXTERNAL", }, title: "Use-after-free vulnerabilities in lighttpd <= 1.4.50", x_generator: { engine: "VINCE 3.0.4", env: "prod", origin: "https://cveawg.mitre.org/api/cve/CVE-2018-25103", }, }, }, cveMetadata: { assignerOrgId: "37e5125f-f79b-445b-8fad-9564f167944b", assignerShortName: "certcc", cveId: "CVE-2018-25103", datePublished: "2024-06-17T18:02:57.162Z", dateReserved: "2024-06-17T17:47:24.277Z", dateUpdated: "2025-02-13T16:27:19.157Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * (up to and including 1.4.27) | |
lighttpd | lighttpd | 1.3.16 | |
lighttpd | lighttpd | 1.4.3 | |
lighttpd | lighttpd | 1.4.4 | |
lighttpd | lighttpd | 1.4.5 | |
lighttpd | lighttpd | 1.4.6 | |
lighttpd | lighttpd | 1.4.7 | |
lighttpd | lighttpd | 1.4.8 | |
lighttpd | lighttpd | 1.4.9 | |
lighttpd | lighttpd | 1.4.10 | |
lighttpd | lighttpd | 1.4.11 | |
lighttpd | lighttpd | 1.4.12 | |
lighttpd | lighttpd | 1.4.13 | |
lighttpd | lighttpd | 1.4.15 | |
lighttpd | lighttpd | 1.4.16 | |
lighttpd | lighttpd | 1.4.18 | |
lighttpd | lighttpd | 1.4.19 | |
lighttpd | lighttpd | 1.4.20 | |
lighttpd | lighttpd | 1.4.21 | |
lighttpd | lighttpd | 1.4.22 | |
lighttpd | lighttpd | 1.4.23 | |
lighttpd | lighttpd | 1.4.24 | |
lighttpd | lighttpd | 1.4.25 | |
lighttpd | lighttpd | 1.4.26 | |
debian | debian_linux | * (platform condition; not itself marked vulnerable) |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "5CC94FF5-24DF-47F2-ACC7-99334A144D66", versionEndIncluding: "1.4.27", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", matchCriteriaId: "17207B51-0E7F-4AD2-8AC4-5A5CDC5CDEE5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "1125A525-36BA-43E1-A316-6BB33DCEC672", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A7E488CF-A3F1-4C8B-A92A-8764FA1E6032", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "A5DEAF46-95C2-4187-AF5A-FB8CB2E6FD04", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "24C0ECA9-5A9F-47CA-B8CA-28C7324EC722", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "B4F8F89B-5A10-4EE3-A035-1CEA44B1691A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "F89FCD49-0C73-4E73-9D99-38700B622A06", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "FFA9AF51-F423-4167-88AB-5BF916BCC273", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: "A21B3F82-1C1D-46EE-92EF-46F7F590957E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", matchCriteriaId: "482312DE-D483-42EC-B8B3-C71CE088C7B2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "D5549E74-A7A7-4D99-B08B-C6ACFB3917FD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "72ABD4D8-8AD9-45E5-8FF5-FA947AC07F49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", matchCriteriaId: 
"F79EED03-A95B-4636-A0AA-1F9E72DEF930", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", matchCriteriaId: "176D53A7-A81C-4C1F-A7B8-90604A9545F8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", matchCriteriaId: "DA46E89A-565E-439D-BCB2-6CEE44EFDFAC", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*", matchCriteriaId: "0A0C3E7A-1F5B-4926-A69F-0D4BB54E52D7", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*", matchCriteriaId: "B33D950D-83A0-446E-A55D-D4DB42734B8A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*", matchCriteriaId: "25A066E2-FE6B-40F9-A05C-BAF461A71409", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*", matchCriteriaId: "6FA07E2C-68C3-4B99-B497-F6D6207903B1", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*", matchCriteriaId: "83918300-255F-4EC8-AA1A-FDC19FBB2D12", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*", matchCriteriaId: "28D22D2F-8487-4B8D-97DD-743114A37EAD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.25:*:*:*:*:*:*:*", matchCriteriaId: "E366C275-E152-4191-A2C6-59619347FF52", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.26:*:*:*:*:*:*:*", matchCriteriaId: "445292E8-A371-4301-9062-F0035F5E982F", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:*:*:*:*:*:*:*:*", matchCriteriaId: "4C8919F1-CD33-437E-9627-69352B276BA3", vulnerable: false, }, ], negate: false, operator: "OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket 
and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition.", }, { lang: "es", value: "El archivo de configuración para el soporte FastCGI PHP en lighttpd en versiones anteriores a 1.4.28 en Debian GNU/Linux crea un archivo socket con un nombre predecible en /tmp, lo que permite a usuarios locales secuestrar el socket de control de PHP y llevar a cabo acciones no autorizadas como forzar el uso de una versión diferente de PHP a través de un ataque de link simbólico o una condición de carrera.", }, ], id: "CVE-2013-1427", lastModified: "2024-11-21T01:49:33.640", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "MEDIUM", accessVector: "LOCAL", authentication: "NONE", availabilityImpact: "NONE", baseScore: 1.9, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:L/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 3.4, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-03-21T17:55:03.117", references: [ { source: "security@debian.org", url: "http://osvdb.org/91462", }, { source: "security@debian.org", url: "http://www.debian.org/security/2013/dsa-2649", }, { source: "security@debian.org", url: "http://www.securityfocus.com/bid/58528", }, { source: "security@debian.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82897", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/91462", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2013/dsa-2649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/58528", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/82897", }, ], sourceIdentifier: 
"security@debian.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-310", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://redmine.lighttpd.net/issues/3134 | Exploit, Vendor Advisory | |
cve@mitre.org | https://www.debian.org/security/2022/dsa-5040 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.lighttpd.net/issues/3134 | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5040 | Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
debian | debian_linux | 10.0 | |
debian | debian_linux | 11.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "204D3986-08C3-45EB-BA51-2D115E73947E", versionEndIncluding: "1.4.63", versionStartIncluding: "1.4.46", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*", matchCriteriaId: "FA6FEEC2-9F11-4643-8827-749718254FED", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.", }, { lang: "es", value: "En lighttpd versiones 1.4.46 hasta 1.4.63, la función mod_extforward_Forwarded del plugin mod_extforward tiene un desbordamiento de búfer basado en la pila (4 bytes que representan -1), como lo demuestra la denegación de servicio remota (caída del demonio) en una configuración no predeterminada. La configuración no predeterminada requiere el manejo de la cabecera Forwarded de una manera algo inusual. 
Además, es mucho más probable que un sistema de 32 bits se vea afectado que un sistema de 64 bits", }, ], id: "CVE-2022-22707", lastModified: "2024-11-21T06:47:17.437", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "HIGH", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 5.9, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 2.2, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-01-06T06:15:07.243", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://redmine.lighttpd.net/issues/3134", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5040", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://redmine.lighttpd.net/issues/3134", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5040", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-787", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*", matchCriteriaId: "EEA16D25-3D16-435F-B704-50013009F0AF", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*", matchCriteriaId: "68C9A1B6-B5B1-4208-9054-C24091D90B6F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the \"Connection: TE,,Keep-Alive\" header.", }, { lang: "es", value: "La función http_request_split_value en request.c en lighttpd en versiones anteriores a 1.4.32 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de una petición con una cabecera que contiene un token vacío, tal como se demuestra utilizando la cabecera \"Connection: TE,,Keep-Alive\".", }, ], evaluatorImpact: "Per: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt\r\n\r\n\" Affected versions\r\n-------------------\r\n\r\nOnly 1.4.31; on the other hand versions before 1.4.31 include the \"invalid read\" bug.\"", id: "CVE-2012-5533", lastModified: "2024-11-21T01:44:50.250", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2012-11-24T20:55:04.307", references: [ { source: "secalert@redhat.com", tags: [ "Patch", ], url: 
"http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html", }, { source: "secalert@redhat.com", url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "secalert@redhat.com", url: "http://osvdb.org/87623", }, { source: "secalert@redhat.com", url: "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51268", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51298", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://www.exploit-db.com/exploits/22902", }, { source: "secalert@redhat.com", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100", }, { source: "secalert@redhat.com", url: "http://www.openwall.com/lists/oss-security/2012/11/21/1", }, { source: "secalert@redhat.com", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/56619", }, { source: "secalert@redhat.com", url: "http://www.securitytracker.com/id?1027802", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213", }, { source: "secalert@redhat.com", url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: 
"http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/87623", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51268", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/51298", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.exploit-db.com/exploits/22902", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2012/11/21/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "http://www.securityfocus.com/bid/56619", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id?1027802", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "7197D869-E40E-42D0-B69E-535D2C7FC9F3", versionEndIncluding: "1.4.25", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "73DE19FF-DAA2-4FFC-9392-6CE1B0B5DF5A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "57FABC2C-E678-45E8-9FB3-3026D55D26F3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0332C2-9720-4329-A379-5B7048034B3B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F2549EBF-E4B6-4574-BCD8-9DB5F195C9AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B29F5471-E2A9-421D-A1B5-F0B1444CA9AC", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "F44FDF24-03A1-43F3-9D9E-F744F0A1AC3F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A4B990A8-B28C-4A4C-89AB-50C754EF6491", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "55C0A9A3-E628-4AA8-8676-81A8528CC174", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "8119BEB6-5CBC-4279-9BDE-53ADF1A55F44", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*", matchCriteriaId: "211959AC-B76B-4E87-8A08-7789B47F823E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*", matchCriteriaId: "B10DF110-D68E-448F-8BEE-39E0B569596D", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*", matchCriteriaId: "1A4B7EDE-CA57-4FB2-8306-924FC8BD9C7A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: 
"E9A2745B-661B-489A-9140-FD63F668161A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "769931EC-F36A-4F72-A836-85B65CA815C8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D4FE8C27-6822-4AA2-AB80-D29871C74DC2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "6FB702A9-C175-477C-B4C7-30AF7DB26165", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "957A7575-FCAB-4C6B-93C8-C9065B412D8A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "1BE481AA-EF32-47AD-846A-FEDE38637680", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "FFC56FD6-481A-4D60-BAF3-C988AA2395D7", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*", matchCriteriaId: "5C691300-EA97-4F67-9C27-3C44FE22E283", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E0D09EDA-6E8F-4535-98ED-D972940E2E54", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E384FD34-327C-40E7-9043-67BC69E6A52B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "B922D725-F31A-453B-B396-6C7FE0D4844B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "EB61C0DE-BAEB-4D65-91EA-D34BA0BEFC49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "C395148E-BF0E-4C27-B903-444238736B1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "0C001488-5A41-45F8-A270-C184728C1614", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: 
"AAA6EA41-CE55-4854-A5FA-4A49D1A648BD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", matchCriteriaId: "16152422-AE34-4970-95B5-440CE8821A05", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", matchCriteriaId: "F8D34AB8-5DDD-421F-9C9D-65B6B10EDC7C", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", matchCriteriaId: "53143B04-BB2D-4C40-83B1-8BF8BC6547E6", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", matchCriteriaId: "589775AF-21DF-4E41-BFE6-41E4FAAB0F28", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", matchCriteriaId: "E35D1709-6B2C-4F22-9948-F69F88F9156A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", matchCriteriaId: "B4949447-0590-4F76-A00E-1EB94FB7621F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", matchCriteriaId: "FAF5B9E9-8BB5-42A6-AF87-5CEE31D2EDC5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", matchCriteriaId: "518A4727-ECB7-41C4-8DF5-5375BA5281C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", matchCriteriaId: "17207B51-0E7F-4AD2-8AC4-5A5CDC5CDEE5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "45FC99E1-57D4-4B12-BA26-090142B7CBC3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "068AD0FA-306D-4C29-857C-21C6067287E8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "1125A525-36BA-43E1-A316-6BB33DCEC672", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A7E488CF-A3F1-4C8B-A92A-8764FA1E6032", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: 
"A5DEAF46-95C2-4187-AF5A-FB8CB2E6FD04", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "24C0ECA9-5A9F-47CA-B8CA-28C7324EC722", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "B4F8F89B-5A10-4EE3-A035-1CEA44B1691A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "F89FCD49-0C73-4E73-9D99-38700B622A06", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "FFA9AF51-F423-4167-88AB-5BF916BCC273", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: "A21B3F82-1C1D-46EE-92EF-46F7F590957E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", matchCriteriaId: "482312DE-D483-42EC-B8B3-C71CE088C7B2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "D5549E74-A7A7-4D99-B08B-C6ACFB3917FD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "72ABD4D8-8AD9-45E5-8FF5-FA947AC07F49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*", matchCriteriaId: "0EC04CE1-4C31-42B7-A92D-38393F549014", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", matchCriteriaId: "F79EED03-A95B-4636-A0AA-1F9E72DEF930", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", matchCriteriaId: "176D53A7-A81C-4C1F-A7B8-90604A9545F8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*", matchCriteriaId: "8372FF7B-CF9B-4963-AB53-704E87AF3540", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", matchCriteriaId: "DA46E89A-565E-439D-BCB2-6CEE44EFDFAC", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.19:*:*:*:*:*:*:*", matchCriteriaId: 
"0A0C3E7A-1F5B-4926-A69F-0D4BB54E52D7", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.20:*:*:*:*:*:*:*", matchCriteriaId: "B33D950D-83A0-446E-A55D-D4DB42734B8A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.21:*:*:*:*:*:*:*", matchCriteriaId: "25A066E2-FE6B-40F9-A05C-BAF461A71409", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.22:*:*:*:*:*:*:*", matchCriteriaId: "6FA07E2C-68C3-4B99-B497-F6D6207903B1", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.23:*:*:*:*:*:*:*", matchCriteriaId: "83918300-255F-4EC8-AA1A-FDC19FBB2D12", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.24:*:*:*:*:*:*:*", matchCriteriaId: "28D22D2F-8487-4B8D-97DD-743114A37EAD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B2CB5DC6-F7D3-45C3-86FC-150216F08A35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.", }, { lang: "es", value: "lighttpd anterior a v1.4.26 y v1.5.x, reserva un búfer por cada operación de lectura para cada petición, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) rompiendo la petición en pequeños pedazos que son enviados a baja velocidad.", }, ], id: "CVE-2010-0295", lastModified: "2024-11-21T01:11:55.347", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 
2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2010-02-03T19:30:00.467", references: [ { source: "secalert@redhat.com", url: "http://blogs.sun.com/security/entry/cve_2010_0295_vulnerability_in", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.x_fix_slow_request_dos.patch", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.5_fix_slow_request_dos.patch", }, { source: "secalert@redhat.com", tags: [ "Patch", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041264.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041296.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041307.html", }, { source: "secalert@redhat.com", url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html", }, { source: "secalert@redhat.com", url: "http://redmine.lighttpd.net/issues/2147", }, { source: "secalert@redhat.com", url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2710", }, { source: "secalert@redhat.com", url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2711", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/38403", }, { source: "secalert@redhat.com", url: "http://secunia.com/advisories/39765", }, { source: "secalert@redhat.com", url: "http://security.gentoo.org/glsa/glsa-201006-17.xml", }, { source: "secalert@redhat.com", url: "http://www.debian.org/security/2010/dsa-1987", }, { source: "secalert@redhat.com", url: 
"http://www.openwall.com/lists/oss-security/2010/02/01/8", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", ], url: "http://www.securityfocus.com/bid/38036", }, { source: "secalert@redhat.com", url: "http://www.vupen.com/english/advisories/2011/0172", }, { source: "secalert@redhat.com", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/56038", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://blogs.sun.com/security/entry/cve_2010_0295_vulnerability_in", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.x_fix_slow_request_dos.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd-1.5_fix_slow_request_dos.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041264.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041296.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041307.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://redmine.lighttpd.net/issues/2147", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2710", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2711", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: 
"http://secunia.com/advisories/38403", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/39765", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-201006-17.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2010/dsa-1987", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2010/02/01/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", ], url: "http://www.securityfocus.com/bid/38036", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2011/0172", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/56038", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://redmine.lighttpd.net/issues/3165 | Exploit, Issue Tracking, Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/202210-12 | Third Party Advisory | |
cve@mitre.org | https://www.debian.org/security/2022/dsa-5243 | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.lighttpd.net/issues/3165 | Exploit, Issue Tracking, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://security.gentoo.org/glsa/202210-12 | Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://www.debian.org/security/2022/dsa-5243 | Mailing List, Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | 1.4.65 | |
debian | debian_linux | 10.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.65:*:*:*:*:*:*:*", matchCriteriaId: "723D083B-5909-420E-8618-9487635CECD3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", matchCriteriaId: "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to a null pointer dereference, which crashes the server. It could be used by an external attacker to cause a denial of service condition.", }, { lang: "es", value: "En lighttpd 1.4.65, mod_wstunnel no inicializa un puntero de función de manejador si se recibe una petición HTTP no válida (websocket handshake). Esto conduce a una desreferencia de puntero nulo que provoca la caída del servidor. 
Podría ser usado por un atacante externo para causar una condición de denegación de servicio", }, ], id: "CVE-2022-37797", lastModified: "2024-11-21T07:15:11.137", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-09-12T15:15:08.170", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://redmine.lighttpd.net/issues/3165", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-12", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5243", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://redmine.lighttpd.net/issues/3165", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://www.debian.org/security/2022/dsa-5243", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-476", }, 
], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "393AADC9-347D-46AB-AD28-BE297CC4691F", versionEndIncluding: "1.4.18", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory.", }, { lang: "es", value: "mod_userdir en lighttpd 1.4.18 y anteriores, cuando no está establecido el userdir.path usa un $HOME por defecto, que podría permitir a atacantes remotos leer ficheros de su elección como se ha demostrado accediendo al directorio ~nobody.", }, ], id: "CVE-2008-1270", lastModified: "2024-11-21T00:44:07.940", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-03-10T21:44:00.000", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29318", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29403", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29622", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29636", }, { source: "cve@mitre.org", 
url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/ticket/1587", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2008/dsa-1521", }, { source: "cve@mitre.org", url: "http://www.lighttpd.net/2008/3/10/1-4-19-made-in-germany", }, { source: "cve@mitre.org", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/28226", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/0885/references", }, { source: "cve@mitre.org", url: "https://bugs.gentoo.org/show_bug.cgi?id=212930", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41173", }, { source: "cve@mitre.org", tags: [ "Exploit", ], url: "https://issues.rpath.com/browse/RPL-2344", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29318", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29403", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29636", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/ticket/1587", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2008/dsa-1521", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.lighttpd.net/2008/3/10/1-4-19-made-in-germany", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_03.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/28226", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/0885/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.gentoo.org/show_bug.cgi?id=212930", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41173", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", ], url: "https://issues.rpath.com/browse/RPL-2344", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "280F8BA1-34E8-4A93-871C-49E6F6826F2C", versionEndIncluding: "1.4.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a \"header overflow.\"", }, { lang: "es", value: "Desbordamiento de búfer en la función fcgi_env_add de mod_proxy_backend_fastcgi.c en la extensión mod_fastcgi en lighttpd anterior a 1.4.18 permite a atacantes remotos sobrescribir variables CGI de su elección y ejecutar código de su elección mediante una petición HTTP con una longitud de contenido larga, como se ha demostrado sobrescribiendo la variable SCRIPT_FILENAME, también conocido como \"desbordamiento de cabecera\".", }, ], id: "CVE-2007-4727", lastModified: "2024-11-21T00:36:18.677", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: true, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-09-12T19:17:00.000", references: [ { source: "cve@mitre.org", url: "http://fedoranews.org/updates/FEDORA-2007-213.shtml", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26732", }, { source: 
"cve@mitre.org", url: "http://secunia.com/advisories/26794", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26824", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26997", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/27229", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/3127", }, { source: "cve@mitre.org", url: "http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/1986", }, { source: "cve@mitre.org", url: "http://www.gentoo.org/security/en/glsa/glsa-200709-16.xml", }, { source: "cve@mitre.org", url: "http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_20_sr.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/479763/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/25622", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/3110", }, { source: "cve@mitre.org", url: "https://bugzilla.redhat.com/show_bug.cgi?id=284511", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/36526", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-1715", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://fedoranews.org/updates/FEDORA-2007-213.shtml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26732", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26794", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26824", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26997", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"http://secunia.com/advisories/27229", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/3127", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/1986", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.gentoo.org/security/en/glsa/glsa-200709-16.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.lighttpd.net/assets/2007/9/9/lighttpd_sa_2007_12.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_20_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/479763/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/25622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/3110", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugzilla.redhat.com/show_bug.cgi?id=284511", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/36526", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-1715", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://www.securityfocus.com/bid/107907 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354 | Patch, Third Party Advisory | |
cve@mitre.org | https://redmine.lighttpd.net/issues/2945 | Exploit, Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/107907 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354 | Patch, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.lighttpd.net/issues/2945 | Exploit, Patch, Third Party Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "8CDE5522-6BFF-4679-8289-6A43F9749818", versionEndIncluding: "1.4.53", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [ { sourceIdentifier: "cve@mitre.org", tags: [ "disputed", ], }, ], descriptions: [ { lang: "en", value: "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.\"", }, { lang: "es", value: "** EN DISPUTA ** lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTA: El desarrollador afirma \"La característica que puede ser abusada para causar el fallo es una nueva característica en lighttpd 1.4.50, y no está habilitada por defecto. Debe estar configurado explícitamente en el archivo de configuración (por ejemplo, lighttpd.conf). Cierta entrada activará un abort() en lighttpd cuando esa característica esté activada. 
lighttpd detecta que el underflow o realloc() fallará (tanto en ejecutables de 32 bits como en ejecutables de 64 bits), también detectado en lighttpd. O bien desencadena un abort() explícito por parte de lighttpd. Esto no es explotable más allá de activar el abort() explícito con la subsiguiente salida de la aplicación\".", }, ], id: "CVE-2019-11072", lastModified: "2024-11-21T04:20:29.117", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2019-04-10T22:29:00.267", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/107907", }, { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { source: "cve@mitre.org", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://redmine.lighttpd.net/issues/2945", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: 
"http://www.securityfocus.com/bid/107907", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Third Party Advisory", ], url: "https://redmine.lighttpd.net/issues/2945", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-190", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "280F8BA1-34E8-4A93-871C-49E6F6826F2C", versionEndIncluding: "1.4.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.", }, { lang: "es", value: "mod_access.c en lighttpd 1.4.15 ignora los caracteres / (barra) finales en la URL, lo cual permite a atacantes remotos evitar configuraciones de url.access-deny.", }, ], evaluatorSolution: "Vendor has released an upgrade: http://trac.lighttpd.net/trac/", id: "CVE-2007-3949", lastModified: "2024-11-21T00:34:26.473", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 8.3, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 8.5, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-07-24T00:30:00.000", references: [ { source: "cve@mitre.org", url: "http://osvdb.org/38311", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26505", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26593", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/1871", 
}, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/ticket/1230", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "cve@mitre.org", url: "http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/24967", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/38311", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26593", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/1871", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/ticket/1230", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.lighttpd.net/2007/7/24/1-4-16-let-s-ship-it", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/24967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2585", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
opensuse | opensuse | 12.2 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "855B05A3-31E9-4323-9BD0-CA7DF99FDD97", versionEndExcluding: "1.4.33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures.", }, { lang: "es", value: "Vulnerabilidad de uso después de liberación en lighttpd anterior a la versión 1.4.33 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación y caída) a través de vectores que desencadenen fallos FAMMonitorDirectory.", }, ], id: "CVE-2013-4560", lastModified: "2024-11-21T01:55:49.940", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", 
availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-20T14:12:30.727", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/55682", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: 
"http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/55682", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2013/dsa-2795", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-416", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "280F8BA1-34E8-4A93-871C-49E6F6826F2C", versionEndIncluding: "1.4.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts.", }, { lang: "es", value: "connections.c en lighttpd anterior a 1.4.16 podría aceptar más conexiones que el máximo configurado, lo cual permite a atacantes remotos provocar denegación de servicio (fallo de afirmación) a través de un gran número de intentos de conexión.", }, ], evaluatorSolution: "The vendor has released an upgrade which solves the vulnerability: http://trac.lighttpd.net/trac/", id: "CVE-2007-3948", lastModified: "2024-11-21T00:34:26.333", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-07-24T00:30:00.000", references: [ { source: "cve@mitre.org", url: "http://osvdb.org/38312", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26505", }, { source: "cve@mitre.org", url: 
"http://secunia.com/advisories/31104", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/1873", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/ticket/1216", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2008/dsa-1609", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/24967", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/38312", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/31104", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/1873", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/ticket/1216", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2008/dsa-1609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/24967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2585", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "78C95091-A48E-4C17-BB2C-ED771DDDF6D4", versionEndIncluding: "1.4.19", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "C0DD96A7-552B-4DC0-BFF5-63022F0A771B", versionEndExcluding: "1.5.0", versionStartIncluding: "1.5", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.", }, { lang: "es", value: "La función connection_state_machine (connections.c) en lighttpd versión 1.4.19 y anteriores, y versión 1.5.x anterior a 1.5.0, permite a los atacantes remotos generar una denegación de servicio (pérdida de conexión SSL activa) al activar un error SSL, como desconectarse antes que una descarga ha finalizado, lo que hace que todas las conexiones SSL activas se pierdan.", }, ], id: "CVE-2008-1531", lastModified: "2024-11-21T00:44:44.870", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: 
"Primary", userInteractionRequired: true, }, ], }, published: "2008-03-27T23:44:00.000", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29505", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29544", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29636", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29649", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/30023", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2136", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2139", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2140", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:18", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:21", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0132", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1540", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://www.osvdb.org/43788", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: 
"http://www.securityfocus.com/archive/1/490323/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/28489", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1063/references", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=214892", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41545", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "https://issues.rpath.com/browse/RPL-2407", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00562.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00587.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29544", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29636", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/29649", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/30023", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200804-08.xml", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2136", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2139", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2140", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:18", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/285#comment:21", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1540", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://www.osvdb.org/43788", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/490323/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/28489", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/1063/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bugs.gentoo.org/show_bug.cgi?id=214892", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41545", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: 
"https://issues.rpath.com/browse/RPL-2407", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00562.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.redhat.com/archives/fedora-package-announce/2008-April/msg00587.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
opensuse | opensuse | 12.2 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "7EFAC0AA-4A42-4ED3-A362-D3A931B995FE", versionEndIncluding: "1.4.33", versionStartIncluding: "1.4.24", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network.", }, { lang: "es", value: "lighttpd anterior a 1.4.34, cuando SNI está habilitado, configura cifrados SSL débiles, lo que hace más fácil para un atacante remoto secuestrar sesiones insertando paquetes en el flujo de datos cliente-servidor u obtener información sensible capturando la red.", }, ], id: "CVE-2013-4508", lastModified: "2024-11-21T01:55:42.283", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: 
"MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2013-11-08T04:47:22.900", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Mitigation", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2013/11/04/19", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://redmine.lighttpd.net/issues/2525", }, { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2913/diff/", 
}, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mitigation", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2013/11/04/19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Vendor Advisory", ], url: "http://redmine.lighttpd.net/issues/2525", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2913/diff/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2013/dsa-2795", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-326", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "65585561-5F39-42B5-B41F-F805C23945AD", versionEndIncluding: "1.4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:hp:virtual_customer_access_system:*:*:*:*:*:*:*:*", matchCriteriaId: "7C2DBCE5-308D-4432-96F5-5444B265AB27", versionEndIncluding: "15.07", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", matchCriteriaId: "79A602C5-61FE-47BA-9786-F045B6C6DBA8", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.", }, { lang: "es", value: "mod_auth en lighttpd anterior a 1.4.36 permite a atacantes remotos inyectar entradas de registro arbitrarias a través de una cadena de la autenticación HTTP básica sin un carácter de dos puntos, tal y como fue demostrado por una cadena que contiene un carácter nulo y de nueva línea.", }, ], id: "CVE-2015-3200", lastModified: "2024-11-21T02:28:53.540", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: 
"NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2015-06-09T14:59:01.147", references: [ { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html", }, { source: "secalert@redhat.com", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://redmine.lighttpd.net/issues/2646", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "secalert@redhat.com", url: "http://www.securityfocus.com/bid/74813", }, { source: "secalert@redhat.com", tags: [ "VDB Entry", ], url: "http://www.securitytracker.com/id/1032405", }, { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375", }, { source: "secalert@redhat.com", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://redmine.lighttpd.net/issues/2646", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/74813", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "VDB Entry", ], url: "http://www.securitytracker.com/id/1032405", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-74", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
opensuse | opensuse | 12.2 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "855B05A3-31E9-4323-9BD0-CA7DF99FDD97", versionEndExcluding: "1.4.33", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", matchCriteriaId: "D806A17E-B8F9-466D-807D-3F1E77603DC8", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.", }, { lang: "es", value: "lighttpd anterior a la versión 1.4.33 no comprueba el valor de vuelta de (1) setuid, (2) setgid, o (3) setgroups, lo que podría causar que lighttpd se ejecute bajo administrador si es reiniciado y permitir a atacantes remotos obtener privilegios, tal y como se demostró con múltiples llamadas a la función de clonado que provocó que 
setuid fallara cuando el límite de proceso de usuario era alcanzado.", }, ], id: "CVE-2013-4559", lastModified: "2024-11-21T01:55:49.813", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.6, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:H/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2013-11-20T14:12:30.727", references: [ { source: "secalert@redhat.com", tags: [ "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/55682", }, { source: "secalert@redhat.com", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2013/dsa-2795", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt", 
}, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/55682", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2013/11/12/4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10310", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://www.debian.org/security/2013/dsa-2795", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-264", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
opensuse | opensuse | 11.4 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 | |
suse | linux_enterprise_high_availability_extension | 11 | |
suse | linux_enterprise_software_development_kit | 11 | |
contec | sv-cpt-mc310_firmware | * | |
contec | sv-cpt-mc310 | - |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "073885C4-B20B-46CA-8187-D644E5A53877", versionEndExcluding: "1.4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*", matchCriteriaId: "A3A907A3-2A3A-46D4-8D75-914649877B65", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", matchCriteriaId: "2F7F8866-DEAD-44D1-AB10-21EE611AA026", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:contec:sv-cpt-mc310_firmware:*:*:*:*:*:*:*:*", matchCriteriaId: "F8EF2969-D593-4759-849A-FA0C3B0C7524", versionEndExcluding: "6.5", vulnerable: true, }, ], negate: false, operator: "OR", }, { cpeMatch: [ { criteria: "cpe:2.3:h:contec:sv-cpt-mc310:-:*:*:*:*:*:*:*", matchCriteriaId: "F9FCCA5E-19F8-47D9-A6C6-77AF2AEFD51A", vulnerable: false, }, ], negate: false, operator: 
"OR", }, ], operator: "AND", }, ], cveTags: [], descriptions: [ { lang: "en", value: "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.", }, { lang: "es", value: "Múltiples vulnerabilidades de salto de directorio en (1) mod_evhost y (2) mod_simple_vhost en lighttpd anterior a 1.4.35 permiten a atacantes remotos leer archivos arbitrarios a través de un .. (punto punto) en el nombre de host, relacionado con request_check_hostname.", }, ], id: "CVE-2014-2324", lastModified: "2024-11-21T02:06:04.650", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2014-03-14T15:55:05.760", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: 
"http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/57404", }, { source: "cve@mitre.org", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/57514", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66157", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing 
List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/57404", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Not Applicable", ], url: "http://secunia.com/advisories/57514", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/66157", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "D5549E74-A7A7-4D99-B08B-C6ACFB3917FD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "72ABD4D8-8AD9-45E5-8FF5-FA947AC07F49", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.", }, { lang: "es", value: "lighttpd 1.4.12 y 1.4.13 permite a atacantes remotos provocar una denegación de servicio (consumo de recursos y cpu) desconectando cuando lighttpd está analizando secuencias CRLF, lo cual provoca un bucle infinito y el consumo de descriptor de fichero.", }, ], id: "CVE-2007-1869", lastModified: "2024-11-21T00:29:21.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-04-18T03:19:00.000", references: [ { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/24886", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/24947", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/24995", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/25166", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/25613", }, { 
source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2007/dsa-1303", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/23515", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/1399", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33671", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-1218", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/24886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/24947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/24995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/25166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/25613", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2007/dsa-1303", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/23515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/1399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33671", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-1218", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "73DE19FF-DAA2-4FFC-9392-6CE1B0B5DF5A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "57FABC2C-E678-45E8-9FB3-3026D55D26F3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0332C2-9720-4329-A379-5B7048034B3B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F2549EBF-E4B6-4574-BCD8-9DB5F195C9AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B29F5471-E2A9-421D-A1B5-F0B1444CA9AC", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "F44FDF24-03A1-43F3-9D9E-F744F0A1AC3F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A4B990A8-B28C-4A4C-89AB-50C754EF6491", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "55C0A9A3-E628-4AA8-8676-81A8528CC174", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "8119BEB6-5CBC-4279-9BDE-53ADF1A55F44", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*", matchCriteriaId: "211959AC-B76B-4E87-8A08-7789B47F823E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*", matchCriteriaId: "B10DF110-D68E-448F-8BEE-39E0B569596D", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*", matchCriteriaId: "1A4B7EDE-CA57-4FB2-8306-924FC8BD9C7A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "E9A2745B-661B-489A-9140-FD63F668161A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "769931EC-F36A-4F72-A836-85B65CA815C8", 
vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D4FE8C27-6822-4AA2-AB80-D29871C74DC2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "6FB702A9-C175-477C-B4C7-30AF7DB26165", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "08784A81-A00C-4FBD-9A79-35D139FA3079", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "957A7575-FCAB-4C6B-93C8-C9065B412D8A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "1BE481AA-EF32-47AD-846A-FEDE38637680", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "FFC56FD6-481A-4D60-BAF3-C988AA2395D7", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*", matchCriteriaId: "5C691300-EA97-4F67-9C27-3C44FE22E283", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E0D09EDA-6E8F-4535-98ED-D972940E2E54", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E384FD34-327C-40E7-9043-67BC69E6A52B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "B922D725-F31A-453B-B396-6C7FE0D4844B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "EB61C0DE-BAEB-4D65-91EA-D34BA0BEFC49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "C395148E-BF0E-4C27-B903-444238736B1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "0C001488-5A41-45F8-A270-C184728C1614", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: "AAA6EA41-CE55-4854-A5FA-4A49D1A648BD", vulnerable: true, }, { 
criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", matchCriteriaId: "D7FE9EF8-936E-4351-B512-02B181C4DF5E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", matchCriteriaId: "16152422-AE34-4970-95B5-440CE8821A05", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", matchCriteriaId: "F8D34AB8-5DDD-421F-9C9D-65B6B10EDC7C", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", matchCriteriaId: "53143B04-BB2D-4C40-83B1-8BF8BC6547E6", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", matchCriteriaId: "589775AF-21DF-4E41-BFE6-41E4FAAB0F28", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", matchCriteriaId: "E35D1709-6B2C-4F22-9948-F69F88F9156A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", matchCriteriaId: "B4949447-0590-4F76-A00E-1EB94FB7621F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", matchCriteriaId: "FAF5B9E9-8BB5-42A6-AF87-5CEE31D2EDC5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", matchCriteriaId: "518A4727-ECB7-41C4-8DF5-5375BA5281C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", matchCriteriaId: "17207B51-0E7F-4AD2-8AC4-5A5CDC5CDEE5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "45FC99E1-57D4-4B12-BA26-090142B7CBC3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "21E0FB64-62A3-4875-AFF1-CF4D1E7BA0D2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "068AD0FA-306D-4C29-857C-21C6067287E8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "1125A525-36BA-43E1-A316-6BB33DCEC672", vulnerable: true, }, { criteria: 
"cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A7E488CF-A3F1-4C8B-A92A-8764FA1E6032", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "A5DEAF46-95C2-4187-AF5A-FB8CB2E6FD04", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "24C0ECA9-5A9F-47CA-B8CA-28C7324EC722", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "B4F8F89B-5A10-4EE3-A035-1CEA44B1691A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "F89FCD49-0C73-4E73-9D99-38700B622A06", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP interpreter only for \".php\" names.", }, ], id: "CVE-2006-0760", lastModified: "2024-11-21T00:07:16.587", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "LOW", cvssData: { accessComplexity: "HIGH", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 2.6, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:H/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 4.9, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-02-18T02:02:00.000", references: [ { source: "cve@mitre.org", url: "http://lighttpd.net/news/", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/18869", }, { source: "cve@mitre.org", url: 
"http://www.lighttpd.net/news/", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/23229", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/0550", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24699", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lighttpd.net/news/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/18869", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.lighttpd.net/news/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/23229", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/0550", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24699", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
fedoraproject | fedora | 35 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "83E35A87-CC2E-40B9-9365-7AF605F083C9", versionEndExcluding: "1.4.67", versionStartIncluding: "1.4.56", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", matchCriteriaId: "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.", }, { lang: "es", value: "Un filtrado de recursos en el archivo gw_backend.c en lighttpd versiones 1.4.56 hasta 1.4.66, podría conllevar a una denegación de servicio (agotamiento de la ranura de conexión) después de una gran cantidad de comportamiento TCP anómalo por parte de los clientes. Está relacionado con un manejo inapropiado de RDHUP en determinadas situaciones de HTTP/1.1 chunked. El uso de mod_fastcgi está, por ejemplo, afectado. 
Esto ha sido corregido en versión 1.4.67", }, ], id: "CVE-2022-41556", lastModified: "2024-11-21T07:23:23.323", metrics: { cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-10-06T18:17:03.620", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67", }, { source: "cve@mitre.org", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/pull/115", }, { source: "cve@mitre.org", url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-12", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Third Party Advisory", ], url: "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Issue Tracking", "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/pull/115", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/202210-12", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-401", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "280F8BA1-34E8-4A93-871C-49E6F6826F2C", versionEndIncluding: "1.4.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.", }, { lang: "es", value: "request.c en lighttpd 1.4.15 permite a atacantes remotos provocar denegación de servicio (caída de demonio) a través del envío de una petición HTTP con cabeceras duplicadas, como se demostró con una petición que contiene dos líneas de cabecera Location, lo cual deriva en un fallo de segmentación.", }, ], evaluatorSolution: "Vendor has addressed this vulnerability in an upgrade: http://trac.lighttpd.net/trac/", id: "CVE-2007-3947", lastModified: "2024-11-21T00:34:26.193", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5.8, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-07-24T00:30:00.000", references: [ { source: "cve@mitre.org", url: "http://osvdb.org/38313", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "cve@mitre.org", url: 
"http://secunia.com/advisories/26505", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26593", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/1869", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/ticket/1232", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/24967", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/38313", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26593", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/1869", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/ticket/1232", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/24967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2585", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "78C95091-A48E-4C17-BB2C-ED771DDDF6D4", versionEndIncluding: "1.4.19", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F2549EBF-E4B6-4574-BCD8-9DB5F195C9AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B29F5471-E2A9-421D-A1B5-F0B1444CA9AC", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "F44FDF24-03A1-43F3-9D9E-F744F0A1AC3F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A4B990A8-B28C-4A4C-89AB-50C754EF6491", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "55C0A9A3-E628-4AA8-8676-81A8528CC174", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "8119BEB6-5CBC-4279-9BDE-53ADF1A55F44", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*", matchCriteriaId: "211959AC-B76B-4E87-8A08-7789B47F823E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*", matchCriteriaId: "B10DF110-D68E-448F-8BEE-39E0B569596D", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*", matchCriteriaId: "1A4B7EDE-CA57-4FB2-8306-924FC8BD9C7A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "769931EC-F36A-4F72-A836-85B65CA815C8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D4FE8C27-6822-4AA2-AB80-D29871C74DC2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "6FB702A9-C175-477C-B4C7-30AF7DB26165", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: 
"08784A81-A00C-4FBD-9A79-35D139FA3079", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "957A7575-FCAB-4C6B-93C8-C9065B412D8A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "1BE481AA-EF32-47AD-846A-FEDE38637680", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "FFC56FD6-481A-4D60-BAF3-C988AA2395D7", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*", matchCriteriaId: "5C691300-EA97-4F67-9C27-3C44FE22E283", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E0D09EDA-6E8F-4535-98ED-D972940E2E54", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E384FD34-327C-40E7-9043-67BC69E6A52B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "B922D725-F31A-453B-B396-6C7FE0D4844B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "EB61C0DE-BAEB-4D65-91EA-D34BA0BEFC49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "C395148E-BF0E-4C27-B903-444238736B1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "0C001488-5A41-45F8-A270-C184728C1614", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: "AAA6EA41-CE55-4854-A5FA-4A49D1A648BD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", matchCriteriaId: "D7FE9EF8-936E-4351-B512-02B181C4DF5E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", matchCriteriaId: "16152422-AE34-4970-95B5-440CE8821A05", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", matchCriteriaId: 
"F8D34AB8-5DDD-421F-9C9D-65B6B10EDC7C", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", matchCriteriaId: "53143B04-BB2D-4C40-83B1-8BF8BC6547E6", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", matchCriteriaId: "589775AF-21DF-4E41-BFE6-41E4FAAB0F28", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", matchCriteriaId: "E35D1709-6B2C-4F22-9948-F69F88F9156A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", matchCriteriaId: "B4949447-0590-4F76-A00E-1EB94FB7621F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", matchCriteriaId: "FAF5B9E9-8BB5-42A6-AF87-5CEE31D2EDC5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", matchCriteriaId: "518A4727-ECB7-41C4-8DF5-5375BA5281C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", matchCriteriaId: "17207B51-0E7F-4AD2-8AC4-5A5CDC5CDEE5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "45FC99E1-57D4-4B12-BA26-090142B7CBC3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "21E0FB64-62A3-4875-AFF1-CF4D1E7BA0D2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "068AD0FA-306D-4C29-857C-21C6067287E8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "1125A525-36BA-43E1-A316-6BB33DCEC672", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A7E488CF-A3F1-4C8B-A92A-8764FA1E6032", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "A5DEAF46-95C2-4187-AF5A-FB8CB2E6FD04", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: 
"24C0ECA9-5A9F-47CA-B8CA-28C7324EC722", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "B4F8F89B-5A10-4EE3-A035-1CEA44B1691A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "F89FCD49-0C73-4E73-9D99-38700B622A06", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "FFA9AF51-F423-4167-88AB-5BF916BCC273", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: "A21B3F82-1C1D-46EE-92EF-46F7F590957E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", matchCriteriaId: "482312DE-D483-42EC-B8B3-C71CE088C7B2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "D5549E74-A7A7-4D99-B08B-C6ACFB3917FD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "72ABD4D8-8AD9-45E5-8FF5-FA947AC07F49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*", matchCriteriaId: "0EC04CE1-4C31-42B7-A92D-38393F549014", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", matchCriteriaId: "F79EED03-A95B-4636-A0AA-1F9E72DEF930", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", matchCriteriaId: "176D53A7-A81C-4C1F-A7B8-90604A9545F8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*", matchCriteriaId: "8372FF7B-CF9B-4963-AB53-704E87AF3540", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", matchCriteriaId: "DA46E89A-565E-439D-BCB2-6CEE44EFDFAC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service 
(memory consumption) via a large number of requests with duplicate request headers.", }, { lang: "es", value: "Fuga de memoria en la función http_request_parse en request.c en lighttpd anterior a v1.4.20 permite a atacantes remotos causar denegación de servicio (consumo de memoria) a través de un gran número de peticiones con cabeceras de peticiones duplicadas.", }, ], id: "CVE-2008-4298", lastModified: "2024-11-21T00:51:20.010", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-09-27T10:30:03.680", references: [ { source: "cve@mitre.org", url: "http://bugs.gentoo.org/show_bug.cgi?id=238180", }, { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/32069", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/32132", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/32480", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/32834", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/32972", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/2305", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://trac.lighttpd.net/trac/ticket/1774", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { source: "cve@mitre.org", url: 
"http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2008/dsa-1645", }, { source: "cve@mitre.org", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt", }, { source: "cve@mitre.org", url: "http://www.openwall.com/lists/oss-security/2008/09/26/5", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/31434", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/2741", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45471", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://bugs.gentoo.org/show_bug.cgi?id=238180", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32480", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/32972", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/2305", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://trac.lighttpd.net/trac/ticket/1774", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2008/dsa-1645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.lighttpd.net/security/lighttpd_sa_2008_07.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.openwall.com/lists/oss-security/2008/09/26/5", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/31434", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/2741", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45471", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "280F8BA1-34E8-4A93-871C-49E6F6826F2C", versionEndIncluding: "1.4.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the (1) mod_scgi, (2) mod_fastcgi, and (3) mod_webdav modules.", }, { lang: "es", value: "lighttpd 1.4.15, cuando funciona bajo plataformas de 32 bits, permite a atacantes remotos provocar denegación de servicio (caida de demonio) a través de vectores no especificados afectando al uso de especificaciones de formatos incompatibles en ciertos mensajes de depuración en los módulos (1) mod_scgi, (2) mod_fastcgi, y (3) mod_webdav.", }, ], evaluatorSolution: "Vendor has released upgrade for vulnerability: http://trac.lighttpd.net/trac/", id: "CVE-2007-3950", lastModified: "2024-11-21T00:34:26.613", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:M/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-07-24T00:30:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "cve@mitre.org", url: 
"http://secunia.com/advisories/26505", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26593", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/2909", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/1882", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/ticket/1263", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/24967", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/26130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26593", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/2909", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/1882", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/ticket/1263", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/24967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2585", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * (>= 1.4.1, < 1.4.30) | |
lighttpd | lighttpd | 1.5.0 | |
debian | debian_linux | 5.0 | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "1F033C14-1A83-486C-AEFD-6C7A454A6988", versionEndExcluding: "1.4.30", versionStartIncluding: "1.4.1", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.5.0:*:*:*:*:*:*:*", matchCriteriaId: "B2CB5DC6-F7D3-45C3-86FC-150216F08A35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:5.0:*:*:*:*:*:*:*", matchCriteriaId: "8C757774-08E7-40AA-B532-6F705C8F7639", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index.", }, { lang: "es", value: "Error de signo de entero en la función base64_decode en la funcionalidad de autenticación HTTP (http_auth.c) en lighttpd v1.4 anterior a v1.4.30 y v1.5 antes de la revisión SVN 2806 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación) a través de una entrada elaborada en base64 provocando una lectura \"fuera de los límites\" (out-of-bounds) con un índice negativo.", }, ], id: "CVE-2011-4362", lastModified: "2024-11-21T01:32:18.747", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", 
baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2011-12-24T19:55:05.240", references: [ { source: "secalert@redhat.com", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2011-12/0167.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.pi3.com.pl/?p=277", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2011_01.txt", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://redmine.lighttpd.net/issues/2370", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/47260", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2011/dsa-2368", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.exploit-db.com/exploits/18295", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/13", }, { source: "secalert@redhat.com", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/8", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1026359", }, { source: "secalert@redhat.com", tags: [ "Issue Tracking", "Third 
Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=758624", }, { source: "secalert@redhat.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/71536", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://archives.neohapsis.com/archives/bugtraq/2011-12/0167.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "http://blog.pi3.com.pl/?p=277", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2011_01.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Patch", "Vendor Advisory", ], url: "http://redmine.lighttpd.net/issues/2370", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/47260", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2011/dsa-2368", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", "VDB Entry", ], url: "http://www.exploit-db.com/exploits/18295", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/13", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Patch", "Third Party Advisory", ], url: "http://www.openwall.com/lists/oss-security/2011/11/29/8", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id?1026359", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Third Party Advisory", ], url: "https://bugzilla.redhat.com/show_bug.cgi?id=758624", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/71536", }, ], sourceIdentifier: "secalert@redhat.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | https://github.com/lighttpd/lighttpd1.4 | Product, Third Party Advisory | |
cve@mitre.org | https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service | Exploit, Third Party Advisory | |
cve@mitre.org | https://podalirius.net/en/cves/2022-30780/ | Exploit, Third Party Advisory | |
cve@mitre.org | https://redmine.lighttpd.net/issues/3059 | Issue Tracking, Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/lighttpd/lighttpd1.4 | Product, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://podalirius.net/en/cves/2022-30780/ | Exploit, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://redmine.lighttpd.net/issues/3059 | Issue Tracking, Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.56:*:*:*:*:*:*:*", matchCriteriaId: "AE4AED56-A19F-4C09-9254-E0BCD86E3E61", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.57:*:*:*:*:*:*:*", matchCriteriaId: "D135491A-A9FC-4CE9-983C-635086A35371", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.58:*:*:*:*:*:*:*", matchCriteriaId: "95D491AC-57C6-43E1-A3F0-1C932CBCE1EE", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.", }, { lang: "es", value: "Lighttpd versiones 1.4.56 hasta 1.4.58, permite a un atacante remoto causar una denegación de servicio (consumo de CPU por conexiones atascadas) porque la función connection_read_header_more en el archivo connections.c presenta una errata que interrumpe el uso de múltiples operaciones de lectura en encabezados grandes", }, ], id: "CVE-2022-30780", lastModified: "2024-11-21T07:03:21.907", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "NONE", integrityImpact: "NONE", privilegesRequired: "NONE", 
scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2022-06-11T15:15:08.807", references: [ { source: "cve@mitre.org", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service", }, { source: "cve@mitre.org", tags: [ "Exploit", "Third Party Advisory", ], url: "https://podalirius.net/en/cves/2022-30780/", }, { source: "cve@mitre.org", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://redmine.lighttpd.net/issues/3059", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Product", "Third Party Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Third Party Advisory", ], url: "https://podalirius.net/en/cves/2022-30780/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Issue Tracking", "Patch", "Vendor Advisory", ], url: "https://redmine.lighttpd.net/issues/3059", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-682", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | 1.3.0 | |
lighttpd | lighttpd | 1.3.1 | |
lighttpd | lighttpd | 1.3.2 | |
lighttpd | lighttpd | 1.3.3 | |
lighttpd | lighttpd | 1.3.4 | |
lighttpd | lighttpd | 1.3.5 | |
lighttpd | lighttpd | 1.3.6 | |
lighttpd | lighttpd | 1.3.7 | |
lighttpd | lighttpd | 1.3.8 | |
lighttpd | lighttpd | 1.3.9 | |
lighttpd | lighttpd | 1.3.10 | |
lighttpd | lighttpd | 1.3.11 | |
lighttpd | lighttpd | 1.3.12 | |
lighttpd | lighttpd | 1.3.13 | |
lighttpd | lighttpd | 1.3.14 | |
lighttpd | lighttpd | 1.3.15 | |
lighttpd | lighttpd | 1.3.16 | |
lighttpd | lighttpd | 1.4.0 | |
lighttpd | lighttpd | 1.4.1 | |
lighttpd | lighttpd | 1.4.2 | |
lighttpd | lighttpd | 1.4.3 | |
lighttpd | lighttpd | 1.4.4 | |
lighttpd | lighttpd | 1.4.5 | |
lighttpd | lighttpd | 1.4.6 | |
lighttpd | lighttpd | 1.4.7 | |
lighttpd | lighttpd | 1.4.8 | |
lighttpd | lighttpd | 1.4.9 | |
lighttpd | lighttpd | 1.4.10 | |
lighttpd | lighttpd | 1.4.12 | |
lighttpd | lighttpd | 1.4.13 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E0D09EDA-6E8F-4535-98ED-D972940E2E54", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E384FD34-327C-40E7-9043-67BC69E6A52B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "B922D725-F31A-453B-B396-6C7FE0D4844B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "EB61C0DE-BAEB-4D65-91EA-D34BA0BEFC49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "C395148E-BF0E-4C27-B903-444238736B1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "0C001488-5A41-45F8-A270-C184728C1614", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: "AAA6EA41-CE55-4854-A5FA-4A49D1A648BD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", matchCriteriaId: "D7FE9EF8-936E-4351-B512-02B181C4DF5E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", matchCriteriaId: "16152422-AE34-4970-95B5-440CE8821A05", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", matchCriteriaId: "F8D34AB8-5DDD-421F-9C9D-65B6B10EDC7C", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", matchCriteriaId: "53143B04-BB2D-4C40-83B1-8BF8BC6547E6", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", matchCriteriaId: "589775AF-21DF-4E41-BFE6-41E4FAAB0F28", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", matchCriteriaId: "E35D1709-6B2C-4F22-9948-F69F88F9156A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", matchCriteriaId: 
"B4949447-0590-4F76-A00E-1EB94FB7621F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", matchCriteriaId: "FAF5B9E9-8BB5-42A6-AF87-5CEE31D2EDC5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", matchCriteriaId: "518A4727-ECB7-41C4-8DF5-5375BA5281C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", matchCriteriaId: "17207B51-0E7F-4AD2-8AC4-5A5CDC5CDEE5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "45FC99E1-57D4-4B12-BA26-090142B7CBC3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "21E0FB64-62A3-4875-AFF1-CF4D1E7BA0D2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "068AD0FA-306D-4C29-857C-21C6067287E8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "1125A525-36BA-43E1-A316-6BB33DCEC672", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A7E488CF-A3F1-4C8B-A92A-8764FA1E6032", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "A5DEAF46-95C2-4187-AF5A-FB8CB2E6FD04", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "24C0ECA9-5A9F-47CA-B8CA-28C7324EC722", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "B4F8F89B-5A10-4EE3-A035-1CEA44B1691A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "F89FCD49-0C73-4E73-9D99-38700B622A06", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "FFA9AF51-F423-4167-88AB-5BF916BCC273", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: 
"A21B3F82-1C1D-46EE-92EF-46F7F590957E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "D5549E74-A7A7-4D99-B08B-C6ACFB3917FD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "72ABD4D8-8AD9-45E5-8FF5-FA947AC07F49", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.", }, { lang: "es", value: "lighttpd anterior a 1.4.14 permite a atacantes provocar una denegación de servicio (caída) mediante una petición a un fichero cuyo mtime es 0, lo cual resulta en una referencia a puntero nulo.", }, ], id: "CVE-2007-1870", lastModified: "2024-11-21T00:29:21.177", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 7.8, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:C", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-04-18T03:19:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/24886", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/24947", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/24995", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/25166", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/25613", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { source: 
"cve@mitre.org", url: "http://www.debian.org/security/2007/dsa-1303", }, { source: "cve@mitre.org", url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/23515", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/1399", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33678", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-1218", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/24886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/24947", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/24995", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/25166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/25613", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200705-07.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2007/dsa-1303", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_007_suse.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/466464/30/6900/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/23515", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"http://www.vupen.com/english/advisories/2007/1399", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/33678", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-1218", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * (< 1.4.20) | |
debian | debian_linux | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "26A3F66A-350C-4592-9E11-855B5DFAE013", versionEndExcluding: "1.4.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data.", }, { lang: "es", value: "lighttpd versiones anteriores a v1.4.20 compara URIs con patrones en los ajustes de configuración (1) url.redirect y (2) url.rewrite antes de realizar la decodificación de URL, lo cual puede permitir a atacantes remotos evitar restricciones de acceso intencionado, y obtener información sensible o posiblemente modificar datos.", }, ], id: "CVE-2008-4359", lastModified: "2024-11-21T00:51:29.550", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-10-03T17:41:40.430", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { source: "cve@mitre.org", tags: [ 
"Mailing List", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { source: "cve@mitre.org", tags: [ "Mailing List", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32069", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32132", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32480", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32834", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32972", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2278", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2307", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2309", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2310", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/1720", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { source: "cve@mitre.org", 
tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/31599", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45690", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32480", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", 
], url: "http://secunia.com/advisories/32972", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2278", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2307", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2310", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/1720", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: 
"http://www.securityfocus.com/bid/31599", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45690", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html | Mailing List, Third Party Advisory | |
cve@mitre.org | https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1 | Exploit, Vendor Advisory | |
cve@mitre.org | https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html | Mailing List, Third Party Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1 | Exploit, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html | Mailing List, Third Party Advisory |
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
opensuse | backports_sle | 15.0 | |
opensuse | backports_sle | 15.0 | |
opensuse | leap | 15.0 | |
opensuse | leap | 15.1 | |
suse | suse_linux_enterprise_server | 11 | |
suse | suse_linux_enterprise_server | 11 | |
suse | suse_linux_enterprise_server | 12 | |
suse | suse_linux_enterprise_server | 12 | |
suse | suse_linux_enterprise_server | 12 | |
suse | suse_linux_enterprise_server | 12 | |
suse | suse_linux_enterprise_server | 12 | |
debian | debian_linux | 9.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "98F929BB-28DA-4990-B923-BF682E3F5965", versionEndExcluding: "1.4.50", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:-:*:*:*:*:*:*", matchCriteriaId: "D83DA865-E4A6-4FBF-AA1B-A969EBA6B2AD", vulnerable: true, }, { criteria: "cpe:2.3:a:opensuse:backports_sle:15.0:sp1:*:*:*:*:*:*", matchCriteriaId: "40513095-7E6E-46B3-B604-C926F1BA3568", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp3:*:*:*:*:*:*", matchCriteriaId: "DD4BBD63-E038-45CE-9537-D96831E99A06", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:11:sp4:*:*:*:*:*:*", matchCriteriaId: "41E76620-EC14-4D2B-828F-53F26DEA5DDC", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:*:*:*:*:*:*:*", matchCriteriaId: "9C649194-B8C2-49F7-A819-C635EE584ABF", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp1:*:*:*:*:*:*", matchCriteriaId: "06F182F1-8B69-4E1E-B058-27002046E999", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp2:*:*:*:*:*:*", matchCriteriaId: "5A7ED7DD-A7D2-4A71-8415-26103530AB2E", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp3:*:*:*:*:*:*", matchCriteriaId: "CEF98D6C-3C80-4A42-B14B-22D69BC1F4C2", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:suse_linux_enterprise_server:12:sp4:*:*:*:*:*:*", matchCriteriaId: "DF6890E9-C113-4DB0-BB63-193834B6E5A9", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { 
cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.", }, { lang: "es", value: "Se ha descubierto un problema en mod_alias_physical_handler en mod_alias.c en lighttpd en versiones anteriores a la 1.4.50. Hay un salto de directorio ../ de un único directorio sobre el alias objetivo, con una configuración mod_alias específica en la que el alias coincidente carece de un carácter \"/\" final, pero el sistema de archivos del alias objetivo sí tiene un carácter \"/\" final.", }, ], id: "CVE-2018-19052", lastModified: "2024-11-21T03:57:14.017", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 7.5, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "NONE", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", version: "3.1", }, exploitabilityScore: 
3.9, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-11-07T05:29:00.343", references: [ { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html", }, { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-22", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
debian | debian_linux | 4.0 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "26A3F66A-350C-4592-9E11-855B5DFAE013", versionEndExcluding: "1.4.20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:4.0:*:*:*:*:*:*:*", matchCriteriaId: "0F92AB32-E7DE-43F4-B877-1F41FA162EC7", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a .PHP file when there is a configuration rule for .php files.", }, { lang: "es", value: "mod_userdir de lighttpd en versiones anteriores a la 1.4.20, cuando se utiliza un sistema operativo o sistema de ficheros que no distingue entre mayúsculas y minúsculas, realiza comparaciones que sí distinguen entre mayúsculas y minúsculas en componentes de nombres de ficheros en las opciones de configuración, lo cual podría permitir a atacantes remotos evitar restricciones de acceso previstas, como lo demuestra una petición de un fichero .PHP cuando hay una regla de configuración para ficheros .php.", }, ], id: "CVE-2008-4360", lastModified: "2024-11-21T00:51:29.737", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: true, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: 
"2008-10-03T17:41:40.447", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32069", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32132", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32480", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32834", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32972", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2283", }, { source: "cve@mitre.org", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2308", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/1589", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: 
"http://www.debian.org/security/2008/dsa-1645", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/31600", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.vupen.com/english/advisories/2008/2741", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45689", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2008/09/30/1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2008/09/30/2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://openwall.com/lists/oss-security/2008/09/30/3", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32069", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32132", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32480", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third 
Party Advisory", ], url: "http://secunia.com/advisories/32834", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://secunia.com/advisories/32972", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200812-04.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2283", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/changeset/2308", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://trac.lighttpd.net/trac/ticket/1589", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/Advisories:rPSA-2008-0309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2008/dsa-1645", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd-1.4.x_userdir_lowercase.patch", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/security/lighttpd_sa_2008_06.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/archive/1/497932/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/31600", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: 
"http://www.vupen.com/english/advisories/2008/2741", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/45689", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Source | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://article.gmane.org/gmane.comp.web.lighttpd/1171 | Patch, Vendor Advisory | |
cve@mitre.org | http://secunia.com/advisories/14297 | Patch, Vendor Advisory | |
cve@mitre.org | http://security.gentoo.org/glsa/glsa-200502-21.xml | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://article.gmane.org/gmane.comp.web.lighttpd/1171 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/14297 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://security.gentoo.org/glsa/glsa-200502-21.xml | Patch, Vendor Advisory |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", matchCriteriaId: "D7FE9EF8-936E-4351-B512-02B181C4DF5E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "The buffer_urldecode function in Lighttpd 1.3.7 and earlier does not properly handle control characters, which allows remote attackers to obtain the source code for CGI and FastCGI scripts via a URL with a %00 (null) character after the file extension.", }, ], id: "CVE-2005-0453", lastModified: "2024-11-20T23:55:09.607", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2005-02-16T05:00:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://article.gmane.org/gmane.comp.web.lighttpd/1171", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/14297", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200502-21.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://article.gmane.org/gmane.comp.web.lighttpd/1171", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/14297", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://security.gentoo.org/glsa/glsa-200502-21.xml", 
}, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", matchCriteriaId: "DA46E89A-565E-439D-BCB2-6CEE44EFDFAC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.", }, { lang: "es", value: "El mod_cgi en lighttpd versión 1.4.18, envía el código fuente de los scripts CGI en lugar de un error 500 cuando ocurre un fallo de bifurcación, lo que podría permitir a los atacantes remotos obtener información confidencial.", }, ], id: "CVE-2008-1111", lastModified: "2024-11-21T00:43:42.230", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-03-04T23:44:00.000", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29209", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29235", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29268", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29275", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: 
"http://secunia.com/advisories/29318", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29622", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/2107", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2008/dsa-1513", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/28100", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2008/0763", }, { source: "cve@mitre.org", url: "https://bugs.gentoo.org/show_bug.cgi?id=211956", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41008", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-2326", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29209", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29235", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29268", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor 
Advisory", ], url: "http://secunia.com/advisories/29318", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/29622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/2107", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2008/dsa-1513", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/489465/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/28100", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://www.vupen.com/english/advisories/2008/0763", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://bugs.gentoo.org/show_bug.cgi?id=211956", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/41008", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-2326", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-200", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "280F8BA1-34E8-4A93-871C-49E6F6826F2C", versionEndIncluding: "1.4.15", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "mod_auth (http_auth.c) in lighttpd before 1.4.16 allows remote attackers to cause a denial of service (daemon crash) via unspecified vectors involving (1) a memory leak, (2) use of md5-sess without a cnonce, (3) base64 encoded strings, and (4) trailing whitespace in the Auth-Digest header.", }, { lang: "es", value: "mod_auth (http_auth.c) en lighttpd anterior a 1.4.16 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de vectores no especificados relacionados con (1) una fuga de memoria, (2) la utilización de md5-sess sin un cnonce, (3) cadenas codificadas en base64, y (4) espacios en blanco finales en la cabecera Auth-Digest.", }, ], id: "CVE-2007-3946", lastModified: "2024-11-21T00:34:26.020", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.4, confidentialityImpact: "PARTIAL", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 4.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2007-07-24T00:30:00.000", references: [ { source: "cve@mitre.org", url: "http://osvdb.org/38314", }, { source: "cve@mitre.org", url: "http://osvdb.org/38315", }, { source: "cve@mitre.org", url: "http://osvdb.org/38316", }, { source: "cve@mitre.org", url: "http://osvdb.org/38317", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://secunia.com/advisories/26130", }, { source: 
"cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26505", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/26593", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/browser/branches/lighttpd-1.4.x/NEWS?rev=1875", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/1875", }, { source: "cve@mitre.org", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "cve@mitre.org", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/24967", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2007/2585", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-1550", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-1554", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/38314", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/38315", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/38316", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://osvdb.org/38317", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://secunia.com/advisories/26130", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://secunia.com/advisories/26158", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26505", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/26593", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: 
"http://security.gentoo.org/glsa/glsa-200708-11.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/browser/branches/lighttpd-1.4.x/NEWS?rev=1875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/1875", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2007/dsa-1362", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.novell.com/linux/security/advisories/2007_15_sr.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/474131/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/24967", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2007/2585", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-1550", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-1554", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | 1.4.7 | |
lighttpd | lighttpd | 1.4.8 | |
lighttpd | lighttpd | 1.4.9 | |
lighttpd | lighttpd | 1.4.10 | |
lighttpd | lighttpd | 1.4.11 | |
lighttpd | lighttpd | 1.4.12 | |
lighttpd | lighttpd | 1.4.13 | |
lighttpd | lighttpd | 1.4.14 | |
lighttpd | lighttpd | 1.4.15 | |
lighttpd | lighttpd | 1.4.16 | |
lighttpd | lighttpd | 1.4.17 | |
lighttpd | lighttpd | 1.4.18 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "B4F8F89B-5A10-4EE3-A035-1CEA44B1691A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "F89FCD49-0C73-4E73-9D99-38700B622A06", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "FFA9AF51-F423-4167-88AB-5BF916BCC273", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: "A21B3F82-1C1D-46EE-92EF-46F7F590957E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.11:*:*:*:*:*:*:*", matchCriteriaId: "482312DE-D483-42EC-B8B3-C71CE088C7B2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.12:*:*:*:*:*:*:*", matchCriteriaId: "D5549E74-A7A7-4D99-B08B-C6ACFB3917FD", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.13:*:*:*:*:*:*:*", matchCriteriaId: "72ABD4D8-8AD9-45E5-8FF5-FA947AC07F49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.14:*:*:*:*:*:*:*", matchCriteriaId: "0EC04CE1-4C31-42B7-A92D-38393F549014", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.15:*:*:*:*:*:*:*", matchCriteriaId: "F79EED03-A95B-4636-A0AA-1F9E72DEF930", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.16:*:*:*:*:*:*:*", matchCriteriaId: "176D53A7-A81C-4C1F-A7B8-90604A9545F8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.17:*:*:*:*:*:*:*", matchCriteriaId: "8372FF7B-CF9B-4963-AB53-704E87AF3540", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.18:*:*:*:*:*:*:*", matchCriteriaId: "DA46E89A-565E-439D-BCB2-6CEE44EFDFAC", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to 
cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.", }, { lang: "es", value: "lighttpd 1.4.18 y posiblemente otras versiones anteriores a la 1.5.0, no calcula correctamente el tamaño del array descriptor de archivos, lo que permite a atacantes remotos provocar una denegación de servicio (caída) a través de un gran número de conexiones, lo cual dispara un acceso fuera de límite.", }, ], id: "CVE-2008-0983", lastModified: "2024-11-21T00:43:22.217", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:N/I:N/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2008-02-26T18:44:00.000", references: [ { source: "cve@mitre.org", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/29066", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/29166", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/29209", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/29268", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/29622", }, { source: "cve@mitre.org", url: "http://secunia.com/advisories/31104", }, { source: "cve@mitre.org", url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://trac.lighttpd.net/trac/ticket/1562", }, { source: "cve@mitre.org", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0084", }, { source: "cve@mitre.org", url: 
"http://www.debian.org/security/2008/dsa-1609", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/488926/100/0/threaded", }, { source: "cve@mitre.org", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/27943", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2008/0659/references", }, { source: "cve@mitre.org", url: "https://issues.rpath.com/browse/RPL-2284", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { source: "cve@mitre.org", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/29066", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/29166", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/29209", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/29268", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/29622", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://secunia.com/advisories/31104", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://security.gentoo.org/glsa/glsa-200803-10.xml", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://trac.lighttpd.net/trac/ticket/1562", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://wiki.rpath.com/Advisories:rPSA-2008-0084", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.debian.org/security/2008/dsa-1609", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/archive/1/488926/100/0/threaded", }, { 
source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", ], url: "http://www.securityfocus.com/bid/27943", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2008/0659/references", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://issues.rpath.com/browse/RPL-2284", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.html", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-399", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.0.2:*:*:*:*:*:*:*", matchCriteriaId: "73DE19FF-DAA2-4FFC-9392-6CE1B0B5DF5A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.0.3:*:*:*:*:*:*:*", matchCriteriaId: "57FABC2C-E678-45E8-9FB3-3026D55D26F3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.0:*:*:*:*:*:*:*", matchCriteriaId: "FB0332C2-9720-4329-A379-5B7048034B3B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*", matchCriteriaId: "F2549EBF-E4B6-4574-BCD8-9DB5F195C9AE", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*", matchCriteriaId: "B29F5471-E2A9-421D-A1B5-F0B1444CA9AC", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*", matchCriteriaId: "F44FDF24-03A1-43F3-9D9E-F744F0A1AC3F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*", matchCriteriaId: "A4B990A8-B28C-4A4C-89AB-50C754EF6491", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*", matchCriteriaId: "55C0A9A3-E628-4AA8-8676-81A8528CC174", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*", matchCriteriaId: "8119BEB6-5CBC-4279-9BDE-53ADF1A55F44", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*", matchCriteriaId: "211959AC-B76B-4E87-8A08-7789B47F823E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*", matchCriteriaId: "B10DF110-D68E-448F-8BEE-39E0B569596D", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*", matchCriteriaId: "1A4B7EDE-CA57-4FB2-8306-924FC8BD9C7A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.0:*:*:*:*:*:*:*", matchCriteriaId: "E9A2745B-661B-489A-9140-FD63F668161A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.1:*:*:*:*:*:*:*", matchCriteriaId: "769931EC-F36A-4F72-A836-85B65CA815C8", 
vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.2:*:*:*:*:*:*:*", matchCriteriaId: "D4FE8C27-6822-4AA2-AB80-D29871C74DC2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.3:*:*:*:*:*:*:*", matchCriteriaId: "6FB702A9-C175-477C-B4C7-30AF7DB26165", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.4:*:*:*:*:*:*:*", matchCriteriaId: "08784A81-A00C-4FBD-9A79-35D139FA3079", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.5:*:*:*:*:*:*:*", matchCriteriaId: "957A7575-FCAB-4C6B-93C8-C9065B412D8A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.6:*:*:*:*:*:*:*", matchCriteriaId: "1BE481AA-EF32-47AD-846A-FEDE38637680", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.7:*:*:*:*:*:*:*", matchCriteriaId: "FFC56FD6-481A-4D60-BAF3-C988AA2395D7", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.2.8:*:*:*:*:*:*:*", matchCriteriaId: "5C691300-EA97-4F67-9C27-3C44FE22E283", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.0:*:*:*:*:*:*:*", matchCriteriaId: "E0D09EDA-6E8F-4535-98ED-D972940E2E54", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.1:*:*:*:*:*:*:*", matchCriteriaId: "E384FD34-327C-40E7-9043-67BC69E6A52B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.2:*:*:*:*:*:*:*", matchCriteriaId: "B922D725-F31A-453B-B396-6C7FE0D4844B", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.3:*:*:*:*:*:*:*", matchCriteriaId: "EB61C0DE-BAEB-4D65-91EA-D34BA0BEFC49", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.4:*:*:*:*:*:*:*", matchCriteriaId: "C395148E-BF0E-4C27-B903-444238736B1F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.5:*:*:*:*:*:*:*", matchCriteriaId: "0C001488-5A41-45F8-A270-C184728C1614", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.6:*:*:*:*:*:*:*", matchCriteriaId: "AAA6EA41-CE55-4854-A5FA-4A49D1A648BD", vulnerable: true, }, { 
criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.7:*:*:*:*:*:*:*", matchCriteriaId: "D7FE9EF8-936E-4351-B512-02B181C4DF5E", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.8:*:*:*:*:*:*:*", matchCriteriaId: "16152422-AE34-4970-95B5-440CE8821A05", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.9:*:*:*:*:*:*:*", matchCriteriaId: "F8D34AB8-5DDD-421F-9C9D-65B6B10EDC7C", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.10:*:*:*:*:*:*:*", matchCriteriaId: "53143B04-BB2D-4C40-83B1-8BF8BC6547E6", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.11:*:*:*:*:*:*:*", matchCriteriaId: "589775AF-21DF-4E41-BFE6-41E4FAAB0F28", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.12:*:*:*:*:*:*:*", matchCriteriaId: "E35D1709-6B2C-4F22-9948-F69F88F9156A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.13:*:*:*:*:*:*:*", matchCriteriaId: "B4949447-0590-4F76-A00E-1EB94FB7621F", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.14:*:*:*:*:*:*:*", matchCriteriaId: "FAF5B9E9-8BB5-42A6-AF87-5CEE31D2EDC5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.15:*:*:*:*:*:*:*", matchCriteriaId: "518A4727-ECB7-41C4-8DF5-5375BA5281C3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.3.16:*:*:*:*:*:*:*", matchCriteriaId: "17207B51-0E7F-4AD2-8AC4-5A5CDC5CDEE5", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.0:*:*:*:*:*:*:*", matchCriteriaId: "45FC99E1-57D4-4B12-BA26-090142B7CBC3", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.1:*:*:*:*:*:*:*", matchCriteriaId: "21E0FB64-62A3-4875-AFF1-CF4D1E7BA0D2", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.2:*:*:*:*:*:*:*", matchCriteriaId: "068AD0FA-306D-4C29-857C-21C6067287E8", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.3:*:*:*:*:*:*:*", matchCriteriaId: "1125A525-36BA-43E1-A316-6BB33DCEC672", vulnerable: true, }, { criteria: 
"cpe:2.3:a:lighttpd:lighttpd:1.4.4:*:*:*:*:*:*:*", matchCriteriaId: "A7E488CF-A3F1-4C8B-A92A-8764FA1E6032", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.5:*:*:*:*:*:*:*", matchCriteriaId: "A5DEAF46-95C2-4187-AF5A-FB8CB2E6FD04", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.6:*:*:*:*:*:*:*", matchCriteriaId: "24C0ECA9-5A9F-47CA-B8CA-28C7324EC722", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.7:*:*:*:*:*:*:*", matchCriteriaId: "B4F8F89B-5A10-4EE3-A035-1CEA44B1691A", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.8:*:*:*:*:*:*:*", matchCriteriaId: "F89FCD49-0C73-4E73-9D99-38700B622A06", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.9:*:*:*:*:*:*:*", matchCriteriaId: "FFA9AF51-F423-4167-88AB-5BF916BCC273", vulnerable: true, }, { criteria: "cpe:2.3:a:lighttpd:lighttpd:1.4.10:*:*:*:*:*:*:*", matchCriteriaId: "A21B3F82-1C1D-46EE-92EF-46F7F590957E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) \".\" (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.", }, { lang: "es", value: "response.c en Lighttpd 1.4.10 y posiblemente versiones anteriores, cuando se ejecuta sobre Windows, permite a atacantes leer código fuente de su elección mediante peticiones conteniendo caractéres (1) \".\" (punto) y (2) espacio al final, que son ignoradas por Windows, como se ha demostrado en ficheros PHP.", }, ], id: "CVE-2006-0814", lastModified: "2024-11-21T00:07:24.133", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "PARTIAL", 
integrityImpact: "NONE", vectorString: "AV:N/AC:L/Au:N/C:P/I:N/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], }, published: "2006-03-06T21:02:00.000", references: [ { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/18886", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/secunia_research/2006-9/advisory/", }, { source: "cve@mitre.org", url: "http://securityreason.com/securityalert/523", }, { source: "cve@mitre.org", url: "http://securitytracker.com/id?1015703", }, { source: "cve@mitre.org", url: "http://trac.lighttpd.net/trac/changeset/1005", }, { source: "cve@mitre.org", url: "http://www.osvdb.org/23542", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/archive/1/426446/100/0/threaded", }, { source: "cve@mitre.org", url: "http://www.securityfocus.com/bid/16893", }, { source: "cve@mitre.org", url: "http://www.vupen.com/english/advisories/2006/0782", }, { source: "cve@mitre.org", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24976", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/advisories/18886", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://secunia.com/secunia_research/2006-9/advisory/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securityreason.com/securityalert/523", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://securitytracker.com/id?1015703", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://trac.lighttpd.net/trac/changeset/1005", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.osvdb.org/23542", }, { source: "af854a3a-2127-422b-91ae-364da2661108", 
url: "http://www.securityfocus.com/archive/1/426446/100/0/threaded", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/16893", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.vupen.com/english/advisories/2006/0782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://exchange.xforce.ibmcloud.com/vulnerabilities/24976", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-Other", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Vendor | Product | Version | |
---|---|---|---|
lighttpd | lighttpd | * | |
debian | debian_linux | 6.0 | |
debian | debian_linux | 7.0 | |
debian | debian_linux | 8.0 | |
opensuse | opensuse | 11.4 | |
opensuse | opensuse | 12.3 | |
opensuse | opensuse | 13.1 | |
suse | linux_enterprise_high_availability_extension | 11 | |
suse | linux_enterprise_software_development_kit | 11 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*", matchCriteriaId: "073885C4-B20B-46CA-8187-D644E5A53877", versionEndExcluding: "1.4.35", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:debian:debian_linux:6.0:*:*:*:*:*:*:*", matchCriteriaId: "036E8A89-7A16-411F-9D31-676313BB7244", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", matchCriteriaId: "16F59A04-14CF-49E2-9973-645477EA09DA", vulnerable: true, }, { criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", matchCriteriaId: "DE554781-1EB9-446E-911F-6C11970C47F4", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", matchCriteriaId: "DFBF430B-0832-44B0-AA0E-BA9E467F7668", vulnerable: true, }, { criteria: "cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*", matchCriteriaId: "A10BC294-9196-425F-9FB0-B1625465B47F", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_high_availability_extension:11:sp3:*:*:*:*:*:*", matchCriteriaId: "A3A907A3-2A3A-46D4-8D75-914649877B65", vulnerable: true, }, { criteria: "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", matchCriteriaId: "2F7F8866-DEAD-44D1-AB10-21EE611AA026", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.", }, { lang: "es", value: "Vulnerabilidad de inyección SQL en mod_mysql_vhost.c en lighttpd anterior a 1.4.35 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través 
del nombre de host, relacionado con request_check_hostname.", }, ], id: "CVE-2014-2323", lastModified: "2024-11-21T02:06:04.480", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 10, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 3.9, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2014-03-14T15:55:05.743", references: [ { source: "cve@mitre.org", tags: [ "Exploit", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party 
Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "cve@mitre.org", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { source: "cve@mitre.org", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/57404", }, { source: "cve@mitre.org", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/57514", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { source: "cve@mitre.org", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Vendor Advisory", ], url: "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://jvn.jp/en/jp/JVN37417423/index.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://marc.info/?l=bugtraq&m=141576815022399&w=2", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Exploit", "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/561", }, { source: 
"af854a3a-2127-422b-91ae-364da2661108", tags: [ "Mailing List", "Third Party Advisory", ], url: "http://seclists.org/oss-sec/2014/q1/564", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/57404", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Broken Link", ], url: "http://secunia.com/advisories/57514", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2014/dsa-2877", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "http://www.lighttpd.net/2014/3/12/1.4.35/", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-89", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
var-201904-0995
Vulnerability from variot
lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit." ** Unsettled ** This case has not been confirmed as a vulnerability. lighttpd contains an integer overflow vulnerability. The vendor has disputed this vulnerability. For details, see the Current Description in NVD (https://nvd.nist.gov/vuln/detail/CVE-2019-11072). Information may be obtained or altered, and service operation may be disrupted (DoS). Lighttpd is an open source web server developed by the German software developer Jan Kneschke. An input validation error vulnerability exists in lighttpd versions prior to 1.4.54. The vulnerability stems from a network system or product that does not properly validate input data. An attacker could exploit the vulnerability to cause a denial of service or code execution. lighttpd is prone to an integer overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible, but this has not been confirmed.
Show details on source website{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", affected_products: { "@id": "https://www.variotdbs.pl/ref/affected_products", }, configurations: { "@id": "https://www.variotdbs.pl/ref/configurations", }, credits: { "@id": "https://www.variotdbs.pl/ref/credits", }, cvss: { "@id": "https://www.variotdbs.pl/ref/cvss/", }, description: { "@id": "https://www.variotdbs.pl/ref/description/", }, exploit_availability: { "@id": "https://www.variotdbs.pl/ref/exploit_availability/", }, external_ids: { "@id": "https://www.variotdbs.pl/ref/external_ids/", }, iot: { "@id": "https://www.variotdbs.pl/ref/iot/", }, iot_taxonomy: { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/", }, patch: { "@id": "https://www.variotdbs.pl/ref/patch/", }, problemtype_data: { "@id": "https://www.variotdbs.pl/ref/problemtype_data/", }, references: { "@id": "https://www.variotdbs.pl/ref/references/", }, sources: { "@id": "https://www.variotdbs.pl/ref/sources/", }, sources_release_date: { "@id": "https://www.variotdbs.pl/ref/sources_release_date/", }, sources_update_date: { "@id": "https://www.variotdbs.pl/ref/sources_update_date/", }, threat_type: { "@id": "https://www.variotdbs.pl/ref/threat_type/", }, title: { "@id": "https://www.variotdbs.pl/ref/title/", }, type: { "@id": "https://www.variotdbs.pl/ref/type/", }, }, "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0995", affected_products: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { model: "lighttpd", scope: "lte", trust: 1, vendor: "lighttpd", version: "1.4.53", }, { model: "lighttpd", scope: "lt", trust: 0.8, vendor: "lighttpd", version: "1.4.54", }, { model: "kneschke lighttpd", scope: "lt", trust: 0.6, vendor: "jan", version: "1.4.54", }, { model: "lighttpd", 
scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.5", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.32", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.31", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.30", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.26", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.25", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.24", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.23", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.20", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.19", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.18", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.17", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.16", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.15", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.14", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.13", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.12", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.11", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.10", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.9", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.8", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.7", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.6", }, { 
model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.5", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.4", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.3", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.2", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.1", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.3.10", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.3.8", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.3.7", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.35", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.34", }, { model: "lighttpd", scope: "eq", trust: 0.3, vendor: "lighttpd", version: "1.4.33", }, { model: "lighttpd", scope: "ne", trust: 0.3, vendor: "lighttpd", version: "1.4.54", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, { db: "BID", id: "107907", }, { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "NVD", id: "CVE-2019-11072", }, ], }, configurations: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", children: { "@container": "@list", }, cpe_match: { "@container": "@list", }, data: { "@container": "@list", }, nodes: { "@container": "@list", }, }, data: [ { CVE_data_version: "4.0", nodes: [ { cpe_match: [ { cpe22Uri: "cpe:/a:lighttpd:lighttpd", vulnerable: true, }, ], operator: "OR", }, ], }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003364", }, ], }, credits: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/credits#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Stephan Zeisberg", sources: [ { db: "BID", id: 
"107907", }, { db: "CNNVD", id: "CNNVD-201904-539", }, ], trust: 0.9, }, cve: "CVE-2019-11072", cvss: { "@context": { cvssV2: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2", }, cvssV3: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#", }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/", }, severity: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#", }, "@id": "https://www.variotdbs.pl/ref/cvss/severity", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, "@id": "https://www.variotdbs.pl/ref/sources", }, }, data: [ { cvssV2: [ { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "nvd@nist.gov", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CVE-2019-11072", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 1.9, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", author: "CNVD", availabilityImpact: "PARTIAL", baseScore: 7.5, confidentialityImpact: "PARTIAL", exploitabilityScore: 10, id: "CNVD-2019-13852", impactScore: 6.4, integrityImpact: "PARTIAL", severity: "HIGH", trust: 0.6, vectorString: "AV:N/AC:L/Au:N/C:P/I:P/A:P", version: "2.0", }, ], cvssV3: [ { attackComplexity: "LOW", attackVector: "NETWORK", author: "nvd@nist.gov", availabilityImpact: "HIGH", baseScore: 9.8, baseSeverity: "CRITICAL", confidentialityImpact: "HIGH", exploitabilityScore: 3.9, id: "CVE-2019-11072", impactScore: 5.9, integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", trust: 1.8, userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", version: "3.0", }, ], severity: [ { author: "nvd@nist.gov", id: 
"CVE-2019-11072", trust: 1, value: "CRITICAL", }, { author: "NVD", id: "CVE-2019-11072", trust: 0.8, value: "Critical", }, { author: "CNVD", id: "CNVD-2019-13852", trust: 0.6, value: "HIGH", }, { author: "CNNVD", id: "CNNVD-201904-539", trust: 0.6, value: "CRITICAL", }, { author: "VULMON", id: "CVE-2019-11072", trust: 0.1, value: "HIGH", }, ], }, ], sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, { db: "VULMON", id: "CVE-2019-11072", }, { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "CNNVD", id: "CNNVD-201904-539", }, { db: "NVD", id: "CVE-2019-11072", }, ], }, description: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/description#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit. ** Unsettled ** This case has not been confirmed as a vulnerability. lighttpd Contains an integer overflow vulnerability. The vendor has disputed this vulnerability. For details, see NVD of Current Description Please Confirm. 
https://nvd.nist.gov/vuln/detail/CVE-2019-11072 Information may be obtained or altered, and service operation may be disrupted (DoS). Lighttpd is an open source web server from German software developer Jan Kneschke. An input validation error vulnerability exists in versions prior to lighttpd 1.4.54. The vulnerability stems from a network system or product that does not properly validate the input data. An attacker could exploit the vulnerability to cause a denial of service or code execution. lighttpd is prone to an integer overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAn attacker can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed.", sources: [ { db: "NVD", id: "CVE-2019-11072", }, { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "CNVD", id: "CNVD-2019-13852", }, { db: "BID", id: "107907", }, { db: "VULMON", id: "CVE-2019-11072", }, ], trust: 2.52, }, external_ids: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { db: "NVD", id: "CVE-2019-11072", trust: 3.4, }, { db: "BID", id: "107907", trust: 2.6, }, { db: "JVNDB", id: "JVNDB-2019-003364", trust: 0.8, }, { db: "CNVD", id: "CNVD-2019-13852", trust: 0.6, }, { db: "CNNVD", id: "CNNVD-201904-539", trust: 0.6, }, { db: "VULMON", id: "CVE-2019-11072", trust: 0.1, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, { db: "VULMON", id: "CVE-2019-11072", }, { db: "BID", id: "107907", }, { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "CNNVD", id: "CNNVD-201904-539", }, { db: "NVD", id: "CVE-2019-11072", }, ], }, id: 
"VAR-201904-0995", iot: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: true, sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, ], trust: 1.6, }, iot_taxonomy: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { category: [ "Network device", ], sub_category: null, trust: 0.6, }, ], sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, ], }, last_update_date: "2024-11-23T22:45:00.165000Z", patch: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { title: "[core] fix abort in http-parseopts (fixes #2945)", trust: 0.8, url: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { title: "Bug #2945", trust: 0.8, url: "https://redmine.lighttpd.net/issues/2945", }, { title: "Lighttpd enters a patch to verify the error vulnerability", trust: 0.6, url: "https://www.cnvd.org.cn/patchInfo/show/160987", }, { title: "lighttpd Enter the fix for the verification error vulnerability", trust: 0.6, url: "http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=91354", }, { title: "Debian CVElist Bug Report Logs: lighttpd: CVE-2019-11072", trust: 0.1, url: "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs&qid=9b235b8ab3dbcb0acdb0f9df18f1403b", }, { title: "", trust: 0.1, url: "https://github.com/jreisinger/checkip ", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, { db: "VULMON", id: "CVE-2019-11072", }, { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "CNNVD", id: "CNNVD-201904-539", }, ], }, problemtype_data: { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/problemtype_data#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { problemtype: "CWE-190", trust: 1.8, }, ], sources: [ { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "NVD", id: "CVE-2019-11072", }, ], }, references: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", data: { "@container": "@list", }, sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: [ { trust: 2.3, url: "http://www.securityfocus.com/bid/107907", }, { trust: 2, url: "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { trust: 1.4, url: "https://redmine.lighttpd.net/issues/2945", }, { trust: 1.4, url: "https://nvd.nist.gov/vuln/detail/cve-2019-11072", }, { trust: 0.8, url: "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11072", }, { trust: 0.6, url: "httpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354", }, { trust: 0.6, url: "httpd/lig", }, { trust: 0.6, url: "https://github.com/lig", }, { trust: 0.6, url: "httpd.net/issues/2945", }, { trust: 0.6, url: "https://redmine.lig", }, { trust: 0.6, url: "http://www.lig", }, { trust: 0.6, url: "httpd.net/versions/55", }, { trust: 0.6, url: "httpd-denial-of-service-via-url-path-2f-decode-29025", }, { trust: 0.6, url: "https://vigilance.fr/vulnerability/lig", }, { trust: 0.3, url: "https://redmine.lighttpd.net/versions/55", }, { trust: 0.3, url: "http://www.lighttpd.net/", }, { trust: 0.1, url: "https://cwe.mitre.org/data/definitions/190.html", }, { trust: 0.1, url: "https://tools.cisco.com/security/center/viewalert.x?alertid=60000", }, { trust: 0.1, url: "https://nvd.nist.gov", }, ], sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, { db: "VULMON", id: "CVE-2019-11072", }, { db: "BID", id: "107907", }, { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "CNNVD", id: "CNNVD-201904-539", }, { db: "NVD", id: "CVE-2019-11072", 
}, ], }, sources: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", data: { "@container": "@list", }, }, data: [ { db: "CNVD", id: "CNVD-2019-13852", }, { db: "VULMON", id: "CVE-2019-11072", }, { db: "BID", id: "107907", }, { db: "JVNDB", id: "JVNDB-2019-003364", }, { db: "CNNVD", id: "CNNVD-201904-539", }, { db: "NVD", id: "CVE-2019-11072", }, ], }, sources_release_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-05-13T00:00:00", db: "CNVD", id: "CNVD-2019-13852", }, { date: "2019-04-10T00:00:00", db: "VULMON", id: "CVE-2019-11072", }, { date: "2019-04-09T00:00:00", db: "BID", id: "107907", }, { date: "2019-05-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-003364", }, { date: "2019-04-10T00:00:00", db: "CNNVD", id: "CNNVD-201904-539", }, { date: "2019-04-10T22:29:00.267000", db: "NVD", id: "CVE-2019-11072", }, ], }, sources_update_date: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", data: { "@container": "@list", }, }, data: [ { date: "2019-05-13T00:00:00", db: "CNVD", id: "CNVD-2019-13852", }, { date: "2023-11-07T00:00:00", db: "VULMON", id: "CVE-2019-11072", }, { date: "2019-04-09T00:00:00", db: "BID", id: "107907", }, { date: "2019-05-15T00:00:00", db: "JVNDB", id: "JVNDB-2019-003364", }, { date: "2019-04-24T00:00:00", db: "CNNVD", id: "CNNVD-201904-539", }, { date: "2024-11-21T04:20:29.117000", db: "NVD", id: "CVE-2019-11072", }, ], }, threat_type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "remote", sources: [ { db: "CNNVD", id: "CNNVD-201904-539", }, ], trust: 0.6, }, title: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "Lighttpd input validation 
error vulnerability", sources: [ { db: "CNVD", id: "CNVD-2019-13852", }, { db: "CNNVD", id: "CNNVD-201904-539", }, ], trust: 1.2, }, type: { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", sources: { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", }, }, }, data: "input validation error", sources: [ { db: "CNNVD", id: "CNNVD-201904-539", }, ], trust: 0.6, }, }