Lucene search
K

15 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 6:0 a.m.5 views

SUSE CVE-2010-0295

lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service memory consumption by breaking a request into small pieces that are sent at a slow rate...

5CVSS7AI score0.12111EPSS
Exploits3References4
RedhatCVE
RedhatCVE
added 2019/10/04 10:47 p.m.17 views

CVE-2010-0295

lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service memory consumption by breaking a request into small pieces that are sent at a slow rate...

5CVSS7AI score0.12111EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.28 views

Oracle Solaris Third-Party Patch Update : lighttpd (cve_2014_2469_denial_of)

The remote Solaris system is missing necessary patches to address security updates : - lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service memory consumption by breaking a request into...

5CVSS5.5AI score0.12111EPSS
Exploits5References6
OpenVAS
OpenVAS
added 2011/03/09 12:0 a.m.19 views

Gentoo Security Advisory GLSA 201006-17 (lighttpd)

The remote host is missing updates announced in advisory GLSA 201006-17. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2011 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

5CVSS0.12111EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.24 views

Fedora 12 : lighttpd-1.4.26-2.fc12 (2010-7643)

Update lighttpd to the latest version of the 1.4 branch, with the spawn-fcgi program split out for the first time on EL. This fixes CVE-2010-0295 and also includes a fix for upstream bug 2157 where SSL stopped working with RHEL 5.4. Note that Tenable Network Security has extracted the preceding...

5CVSS5.4AI score0.12111EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2010/07/01 12:0 a.m.20 views

Fedora 11 : lighttpd-1.4.26-2.fc11 (2010-7636)

Update lighttpd to the latest version of the 1.4 branch, with the spawn-fcgi program split out for the first time on EL. This fixes CVE-2010-0295 and also includes a fix for upstream bug 2157 where SSL stopped working with RHEL 5.4. Note that Tenable Network Security has extracted the preceding...

5CVSS5.4AI score0.12111EPSS
Exploits3References3
OpenVAS
OpenVAS
added 2010/05/17 12:0 a.m.18 views

Fedora Update for lighttpd FEDORA-2010-7636

The remote host is missing an update for the SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS6.5AI score0.12111EPSS
Exploits3References2
OpenVAS
OpenVAS
added 2010/02/18 12:0 a.m.17 views

FreeBSD Ports: lighttpd

The remote host is missing an update to the system as announced in the referenced advisory. VID 1a3bd81f-1b25-11df-bd1a-002170daae37 OpenVAS Vulnerability Test $ Description: Auto generated from VID 1a3bd81f-1b25-11df-bd1a-002170daae37 Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft Inc...

5CVSS9.4AI score0.12111EPSS
Exploits3
OpenVAS
OpenVAS
added 2010/02/18 12:0 a.m.23 views

FreeBSD Ports: lighttpd

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2010 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

5CVSS6.3AI score0.12111EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2010/02/09 12:0 a.m.20 views

openSUSE Security Update : lighttpd (lighttpd-1914)

This update fixes a denial of service vulnerability in lighttpd that can be triggers using slow requests. CVE-2010-0295 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-1914. The text...

5CVSS5.3AI score0.12111EPSS
Exploits3References2
Tenable Nessus
Tenable Nessus
added 2010/02/09 12:0 a.m.27 views

openSUSE Security Update : lighttpd (lighttpd-1914)

This update fixes a denial of service vulnerability in lighttpd that can be triggers using slow requests. CVE-2010-0295 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-1914. The text...

5CVSS5.3AI score0.12111EPSS
Exploits3References2
seebug.org
seebug.org
added 2010/02/04 12:0 a.m.119 views

lighttpd畸形HTTP请求远程拒绝服务漏洞

BUGTRAQ ID: 38036 CVE ID: CVE-2010-0295 Lighttpd是一款轻型的开放源码Web Server软件包。 Lighttpd服务器每次接收到网络报文都会分配4K或16K的堆内存,如果远程攻击者缓慢的发送HTTP请求(如每秒钟发送1字节),就会耗尽所有可用内存导致服务器终止。 LightTPD LightTPD 1.5 LightTPD LightTPD 1.4.x 厂商补丁: Debian ------ Debian已经为此发布了一个安全公告(DSA-1987-1)以及相应补丁: DSA-1987-1:lighttpd -- denial of...

5CVSS9.3AI score0.12111EPSS
Exploits3
CVE
CVE
added 2010/02/03 7:0 p.m.166 views

CVE-2010-0295

CVE-2010-0295 affects lighttpd 1.4.26 and 1.5.x, where a buffer is allocated per read operation for a request, enabling a remote attacker to cause memory consumption/DoS by sending a request in small pieces slowly. Connected sources (IBM IMM bulletin, Nessus/SEC advisories) confirm this vulnerabi...

5CVSS6.6AI score0.12111EPSS
Exploits3References19Affected Software1
Debian
Debian
added 2010/02/02 11:19 a.m.28 views

[SECURITY] [DSA 1987-1] New lighttpd packages fix denial of service

-------------------------------------------------------------------------- Debian Security Advisory DSA-1987-1 [email protected] http://www.debian.org/security/ Nico Golde February 2nd, 2010 http://www.debian.org/security/faq -...

5CVSS6AI score0.12111EPSS
Exploits3
securityvulns
securityvulns
added 2010/02/02 12:0 a.m.62 views

[SECURITY] [DSA 1987-1] New lighttpd packages fix denial of service

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA-1987-1 [email protected] http://www.debian.org/security/ Nico Golde February 2nd, 2010 http://www.debian.org/security/faq -...

5CVSS0.1AI score0.12111EPSS
Exploits3
Rows per page
Query Builder