Lucene search
K

15 matches found

Tenable Nessus
Tenable Nessus
added 2014/06/13 12:0 a.m.30 views

openSUSE Security Update : lighttpd (openSUSE-SU-2012:0240-1)

This update of lighttpd fixes an out-of-bounds read due to a signedness error which could cause a Denial of Service CVE-2011-4362. Additionally an option was added to honor the server cipher order resolves lighttpd2364. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

5CVSS6.3AI score0.23076EPSS
Exploits8References3
OpenVAS
OpenVAS
added 2012/08/30 12:0 a.m.31 views

Fedora Update for lighttpd FEDORA-2012-9040

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS9.6AI score0.23076EPSS
Exploits8References2
Amazon
Amazon
added 2012/07/09 12:0 a.m.42 views

Medium: lighttpd

Issue Overview: Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers a...

5CVSS6.7AI score0.23076EPSS
Exploits8
OpenVAS
OpenVAS
added 2012/06/28 12:0 a.m.22 views

Fedora Update for lighttpd FEDORA-2012-9078

The remote host is missing an update for the SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...

5CVSS9.6AI score0.23076EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2012/06/26 12:0 a.m.33 views

Fedora 17 : lighttpd-1.4.31-1.fc17 (2012-9040)

This update fixes CVE-2011-4362 by updating to the latest release. It also fixes problems that had been reported with previous releases, such as ssl-related crashes on startup. This update fixes some minor SSL related problems, as well as a connection stall bug. This update fixes some minor SSL...

5CVSS6.3AI score0.23076EPSS
Exploits8References3
Tenable Nessus
Tenable Nessus
added 2012/06/26 12:0 a.m.39 views

Fedora 16 : lighttpd-1.4.31-1.fc16 (2012-9078)

This update fixes CVE-2011-4362 by updating to the latest release. It also fixes problems that had been reported with previous releases, such as ssl-related crashes on startup. This update fixes some minor SSL related problems, as well as a connection stall bug. This update fixes some minor SSL...

5CVSS6.3AI score0.23076EPSS
Exploits8References3
securityvulns
securityvulns
added 2012/01/02 12:0 a.m.127 views

Lighttpd Proof of Concept code for CVE-2011-4362

29 of November 2011 was the date of public disclosure interesting vulnerability in lighttpd server. Xi Wang discovered that modauth for this server does not propely decode characters from the extended ASCII table. The vulnerable code is below: "src/httpauth.c:67" --- CUT --- static const short...

5CVSS0.2AI score0.23076EPSS
Exploits8
seebug.org
seebug.org
added 2012/01/02 12:0 a.m.128 views

Lighttpd Proof of Concept code for CVE-2011-4362

No description provided by source. 29 of November 2011 was the date of public disclosure interesting vulnerability in lighttpd server. Xi Wang discovered that modauth for this server does not propely decode characters from the extended ASCII table. The vulnerable code is below: "src/httpauth.c:67...

5CVSS9.6AI score0.23076EPSS
Exploits8
0day.today
0day.today
added 2011/12/31 12:0 a.m.90 views

Lighttpd Proof of Concept code for CVE-2011-4362

Exploit for linux platform in category dos / poc / Primitive Lighttpd Proof of Concept code for CVE-2011-4362 vulnerability discovered by Xi Wang Here the vulnerable code src/httpauth.c:67 --- CUT --- static const short base64reversetable256 = -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -1, -...

7AI score0.23076EPSS
Exploits8
NVD
NVD
added 2011/12/24 7:55 p.m.24 views

CVE-2011-4362

Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...

5CVSS9.1AI score0.23076EPSS
Exploits8References13
OSV
OSV
added 2011/12/24 7:55 p.m.10 views

CVE-2011-4362

Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...

6.5AI score
Exploits0References26
UbuntuCve
UbuntuCve
added 2011/12/24 7:55 p.m.41 views

CVE-2011-4362

Integer signedness error in the base64decode function in the HTTP authentication functionality httpauth.c in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service segmentation fault via crafted base64 input that triggers an out-of-bounds...

5CVSS6.7AI score0.23076EPSS
Exploits8References2
CVE
CVE
added 2011/12/24 7:0 p.m.208 views

CVE-2011-4362

CVE-2011-4362 affects lighttpd: a signedness error in the base64_decode routine used by HTTP authentication (http_auth.c) can trigger an out-of-bounds read with a negative index, allowing a remote attacker to cause a denial of service (segmentation fault). Impacted versions are lighttpd 1.4 befor...

5CVSS9AI score0.23076EPSS
Exploits8References13Affected Software1
Debian
Debian
added 2011/12/21 12:24 a.m.69 views

[SECURITY] [DSA 2368-1] lighttpd security update

--------------------------------------------------------------------------- Debian Security Advisory DSA-2368-1 [email protected] http://www.debian.org/security/ Nico Golde Dec 20th, 2011 http://www.debian.org/security/faq -...

5CVSS7.8AI score0.73327EPSS
Exploits12
Debian
Debian
added 2011/12/21 12:2 a.m.200 views

[SECURITY] [DSA 2381-] lighttpd security update

--------------------------------------------------------------------------- Debian Security Advisory DSA-2368-1 [email protected] http://www.debian.org/security/ Nico Golde Dec 20th, 2011 http://www.debian.org/security/faq -...

5CVSS7.8AI score0.73327EPSS
Exploits12
Rows per page
Query Builder