Lucene search

PRIOn knowledge basePRION:CVE-2013-4560

HistoryNov 20, 2013 - 2:12 p.m.

Design/Logic Flaw

2013-11-2014:12:00

PRIOn knowledge base

www.prio-n.com

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.029 Low

EPSS

Percentile

90.5%

JSON

Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures.

CPENameOperatorVersion
debian_linuxeq8.0
debian_linuxeq7.0
debian_linuxeq6.0
lighttpdlt1.4.33
opensuseeq12.3
opensuseeq12.2
opensuseeq13.1

Name	Operator	Version
debian_linux	eq	8.0
debian_linux	eq	7.0
debian_linux	eq	6.0
lighttpd	lt	1.4.33
opensuse	eq	12.3
opensuse	eq	12.2
opensuse	eq	13.1

References

download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt

jvn.jp/en/jp/JVN37417423/index.html

lists.opensuse.org/opensuse-updates/2014-01/msg00049.html

secunia.com/advisories/55682

www.openwall.com/lists/oss-security/2013/11/12/4

marc.info/?l=bugtraq&m=141576815022399&w=2

www.debian.org/security/2013/dsa-2795

6.9 Medium

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.029 Low

EPSS

Percentile

90.5%

JSON

Related for PRION:CVE-2013-4560