Amazon Linux: Security Advisory (ALAS-2013-179)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

lighttpd 1.4.31 Denial of Service PoC

No description provided by source. !/bin/bash Exploit Title: simple lighttpd 1.4.31 DOS POC Date: 11/21/2012 Exploit Author: [email protected] Vendor Homepage: http://www.lighttpd.net Software Link: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.gz Version: 1.4.31 Tested on:...

openSUSE Security Update : lighttpd (openSUSE-SU-2012:1532-1)

Fixing bnc790258 CVE-2012-5533: Denial of Service via specially crafted HTTP header. Added patches: 0001-Fix-DoS-in-header-value-split-reported-by-Jesse-Sip p.patch 0001-remove-whitespace-at-end-of-header-keys.patch %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and...

Fedora Update for lighttpd FEDORA-2013-15344

The remote host is missing an update for the SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 19 : lighttpd-1.4.32-1.fc19 (2013-15345)

One important denial of service in 1.4.31 fix: CVE-2012-5533. A flaw was found in lighttpd version 1.4.31 that could be exploited by a remote user to cause a denial of service condition in lighttpd. A client could send a malformed Connection header to lighttpd such as 'Connection: TE,,Keep-Alive'...

Fedora 18 : lighttpd-1.4.32-1.fc18 (2013-15344)

One important denial of service in 1.4.31 fix: CVE-2012-5533. A flaw was found in lighttpd version 1.4.31 that could be exploited by a remote user to cause a denial of service condition in lighttpd. A client could send a malformed Connection header to lighttpd such as 'Connection: TE,,Keep-Alive'...

Amazon Linux AMI : lighttpd (ALAS-2013-179)

The httprequestsplitvalue function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service infinite loop via a request with a header containing an empty token, as demonstrated using the 'Connection: TE,,Keep-Alive' header. C Tenable Network Security, Inc. The...

Medium: lighttpd

Issue Overview: The httprequestsplitvalue function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service infinite loop via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header. Affected Packages:...

lighttpd Connection Header Parsing Denial of Service (CVE-2012-5533)

A denial-of-service vulnerability has been reported in lighttpd...

FreeBSD Ports: lighttpd

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2012 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

CVE-2012-5533

The httprequestsplitvalue function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service infinite loop via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header...

lighttpd畸形HTTP Connection域处理拒绝服务漏洞

CVECAN ID: CVE-2012-5533 lighttpd是一款开源的轻量级Web服务器。 lighttpd 1.4.31在处理某些HTTP请求头时，"httprequestsplitvalue"函数src/request.c在处理特制的"Connection"报头域时会陷入无限循环。攻击者利用此漏洞可导致Lighttpd拒绝服务。 0 lighttpd 1.4.31 厂商补丁： Lighttpd -------- 目前厂商已经发布了升级补丁以修复这个安全问题，请到厂商的主页下载：...

Simple Lighttpd 1.4.31 Denial Of Service

!/bin/bash simple lighttpd 1.4.31 DOS POC CVE-2012-5533 http://www.lighttpd.net/2012/11/21/1-4-32/ http://download.lighttpd.net/lighttpd/security/lighttpdsa201201.txt written by Milan Berger if $ -lt 2 then echo "usage :$0 " else echo -ne "GET / HTTP/1.1\r\nHost: pwn.ed\r\nConnection:...

lighttpd 1.4.31 - Denial of Service (PoC)

lighttpd 1.4.31 - Denial of Service PoC !/bin/bash Exploit Title: simple lighttpd 1.4.31 DOS POC Date: 11/21/2012 Exploit Author: [email protected] Vendor Homepage: http://www.lighttpd.net Software Link: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.gz Version: 1.4.31 Tested...

lighttpd 1.4.31 - Denial of Service (PoC)

!/bin/bash Exploit Title: simple lighttpd 1.4.31 DOS POC Date: 11/21/2012 Exploit Author: [email protected] Vendor Homepage: http://www.lighttpd.net Software Link: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.gz Version: 1.4.31 Tested on: Debian Linux, Gentoo Linux, Arch...

lighttpd 1.4.31 Denial of Service PoC

Exploit for linux platform in category dos / poc !/bin/bash Exploit Title: simple lighttpd 1.4.31 DOS POC Date: 11/21/2012 Exploit Author: email protected Vendor Homepage: http://www.lighttpd.net Software Link: http://download.lighttpd.net/lighttpd/releases-1.4.x/lighttpd-1.4.31.tar.gz Version:...