Lucene search
K

10 matches found

OpenVAS
OpenVAS
added 2023/03/02 12:0 a.m.19 views

Ubuntu: Security Advisory (USN-5903-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.08969EPSS
Exploits5References2
Tenable Nessus
Tenable Nessus
added 2022/12/23 12:0 a.m.28 views

Fedora 35 : lighttpd (2022-c26b19568d)

The remote Fedora 35 host has a package installed that is affected by a vulnerability as referenced in the FEDORA-2022-c26b19568d advisory. 1.4.67 Tenable has extracted the preceding description block directly from the Fedora security advisory. Note that Nessus has not tested for this issue but h...

7.5CVSS7.3AI score0.02714EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2022/10/31 12:0 a.m.54 views

GLSA-202210-12 : Lighttpd: Denial of Service

The remote host is affected by the vulnerability described in GLSA-202210-12 Lighttpd: Denial of Service - In lighttpd 1.4.65, modwstunnel does not initialize a handler function pointer if an invalid HTTP request websocket handshake is received. It leads to null pointer dereference which crashes...

7.5CVSS7.1AI score0.02714EPSS
Exploits5References4
OpenVAS
OpenVAS
added 2022/10/14 12:0 a.m.17 views

Mageia: Security Advisory (MGASA-2022-0369)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02714EPSS
Exploits5References4
Mageia
Mageia
added 2022/10/13 8:5 p.m.55 views

Updated lighttpd packages fix security vulnerability

In lighttpd 1.4.65, modwstunnel does not initialize a handler function pointer if an invalid HTTP request websocket handshake is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition. CVE-2022-37797 A...

7.5CVSS0.4AI score0.02714EPSS
Exploits5References2
Cvelist
Cvelist
added 2022/10/06 12:0 a.m.45 views

CVE-2022-41556

A resource leak in gwbackend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service connection-slot exhaustion after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of modfastcgi is, for example,...

7.4AI score0.02714EPSS
Exploits4References5
CVE
CVE
added 2022/10/06 12:0 a.m.531 views

CVE-2022-41556

CVE-2022-41556 affects lighttpd 1.4.56–1.4.66, describing a resource leak in gw_backend.c that can cause denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior, related to RDHUP mishandling in certain HTTP/1.1 chunked scenarios (mod_fastcgi also affected). T...

7.5CVSS7AI score0.02714EPSS
Exploits4References5Affected Software1
Debian CVE
Debian CVE
added 2022/10/06 12:0 a.m.79 views

CVE-2022-41556

A resource leak in gwbackend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service connection-slot exhaustion after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of modfastcgi is, for example,...

7.5CVSS7.3AI score0.02714EPSS
Exploits4
OpenVAS
OpenVAS
added 2022/09/29 12:0 a.m.19 views

Debian: Security Advisory (DSA-5243-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.02714EPSS
Exploits5References4
Debian
Debian
added 2022/09/28 4:5 p.m.41 views

[SECURITY] [DSA 5243-1] lighttpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-5243-1 [email protected] https://www.debian.org/security/ Helmut Grohne September 28, 2022 https://www.debian.org/security/faq -...

7.5CVSS8.3AI score0.02714EPSS
Exploits5
Rows per page
Query Builder