Lucene search
Debian Security Bug TrackerDEBIANCVE:CVE-2008-1531HistoryMar 27, 2008 - 11:44 p.m.
CVE-2008-1531
2008-03-2723:44:00
Debian Security Bug Tracker
security-tracker.debian.org
6
0.094 Low
EPSS
Percentile
94.7%
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Debian | 12 | all | lighttpd | < 1.4.19-2 | lighttpd_1.4.19-2_all.deb |
| Debian | 11 | all | lighttpd | < 1.4.19-2 | lighttpd_1.4.19-2_all.deb |
| Debian | 10 | all | lighttpd | < 1.4.19-2 | lighttpd_1.4.19-2_all.deb |
| Debian | 999 | all | lighttpd | < 1.4.19-2 | lighttpd_1.4.19-2_all.deb |
| Debian | 13 | all | lighttpd | < 1.4.19-2 | lighttpd_1.4.19-2_all.deb |
Related
nessus
nessus
openSUSE 10 Security Update : lighttpd (lighttpd-5216)
2008-05-02 00:00:00
Fedora 8 : lighttpd-1.4.19-4.fc8 (2008-3376)
2008-05-01 00:00:00
Fedora 9 : lighttpd-1.4.19-4.fc9 (2008-4119)
2008-05-20 00:00:00
securityvulns
securityvulns
lighthttpd SSL DoS
2008-04-01 00:00:00
rPSA-2008-0132-1 lighttpd
2008-04-01 00:00:00
debian
debian
[SECURITY] [DSA 1540-2] New lighttpd packages fix denial of service
2008-04-15 18:42:39
[SECURITY] [DSA 1540-1] New lighttpd packages fix denial of service
2008-04-07 17:44:17
[SECURITY] [DSA 1540-3] New lighttpd packages fix regression
2008-07-23 18:59:51
cve
cve
CVE-2008-1531
2008-03-27 23:44:00
cvelist
cvelist
CVE-2008-1531
2008-03-27 23:00:00
redhatcve
redhatcve
CVE-2008-1531
2019-10-04 22:02:39
seebug
seebug
Lighttpd SSL错误拒绝服务漏洞
2008-04-17 00:00:00
openvas
openvas
FreeBSD Ports: lighttpd
2008-09-04 00:00:00
Debian: Security Advisory (DSA-1540-1)
2008-08-15 00:00:00
Debian Security Advisory DSA 1540-3 (lighttpd)
2008-08-15 00:00:00
freebsd
freebsd
lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability
2008-04-02 00:00:00
prion
prion
Design/Logic Flaw
2008-03-27 23:44:00
ubuntucve
ubuntucve
CVE-2008-1531
2008-03-27 00:00:00
fedora
fedora
[SECURITY] Fedora 9 Update: lighttpd-1.4.19-4.fc9
2008-05-17 22:28:22
[SECURITY] Fedora 7 Update: lighttpd-1.4.19-4.fc7
2008-04-29 20:54:00
[SECURITY] Fedora 8 Update: lighttpd-1.4.19-4.fc8
2008-04-29 20:57:25
gentoo
gentoo
lighttpd: Multiple vulnerabilities
2008-04-10 00:00:00
