Lucene search

[email protected]NVD:CVE-2007-1870

HistoryApr 18, 2007 - 3:19 a.m.

CVE-2007-1870

2007-04-1803:19:00

[email protected]

web.nvd.nist.gov

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.2 Medium

AI Score

Confidence

High

0.068 Low

EPSS

Percentile

93.9%

JSON

lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.

Affected configurations

NVD

Node

lighttpdlighttpdMatch1.3.0

lighttpdlighttpdMatch1.3.1

lighttpdlighttpdMatch1.3.2

lighttpdlighttpdMatch1.3.3

lighttpdlighttpdMatch1.3.4

lighttpdlighttpdMatch1.3.5

lighttpdlighttpdMatch1.3.6

lighttpdlighttpdMatch1.3.7

lighttpdlighttpdMatch1.3.8

lighttpdlighttpdMatch1.3.9

lighttpdlighttpdMatch1.3.10

lighttpdlighttpdMatch1.3.11

lighttpdlighttpdMatch1.3.12

lighttpdlighttpdMatch1.3.13

lighttpdlighttpdMatch1.3.14

lighttpdlighttpdMatch1.3.15

lighttpdlighttpdMatch1.3.16

lighttpdlighttpdMatch1.4.0

lighttpdlighttpdMatch1.4.1

lighttpdlighttpdMatch1.4.2

lighttpdlighttpdMatch1.4.3

lighttpdlighttpdMatch1.4.4

lighttpdlighttpdMatch1.4.5

lighttpdlighttpdMatch1.4.6

lighttpdlighttpdMatch1.4.7

lighttpdlighttpdMatch1.4.8

lighttpdlighttpdMatch1.4.9

lighttpdlighttpdMatch1.4.10

lighttpdlighttpdMatch1.4.12

lighttpdlighttpdMatch1.4.13

References

secunia.com/advisories/24886

secunia.com/advisories/24947

secunia.com/advisories/24995

secunia.com/advisories/25166

secunia.com/advisories/25613

security.gentoo.org/glsa/glsa-200705-07.xml

www.debian.org/security/2007/dsa-1303

www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt

www.novell.com/linux/security/advisories/2007_007_suse.html

www.securityfocus.com/archive/1/466464/30/6900/threaded

www.securityfocus.com/bid/23515

www.vupen.com/english/advisories/2007/1399

exchange.xforce.ibmcloud.com/vulnerabilities/33678

issues.rpath.com/browse/RPL-1218

7.8 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

6.2 Medium

AI Score

Confidence

High

0.068 Low

EPSS

Percentile

93.9%

JSON

Related for NVD:CVE-2007-1870

ubuntucve1 debiancve1 prion1 openvas5 nessus4 cvelist1 cve1 freebsd1 debian1 osv1 gentoo1 securityvulns1