Lucene search
K

10 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 5:35 a.m.1 views

SUSE CVE-2013-4560

Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures...

5CVSS7AI score0.05418EPSS
Exploits0References4
Amazon
Amazon
added 2014/03/06 12:0 a.m.49 views

Medium: lighttpd

Issue Overview: Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures. lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, whi...

7.6CVSS7.2AI score0.10721EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2014/02/14 12:0 a.m.31 views

FreeBSD : lighttpd -- multiple vulnerabilities (90b27045-9530-11e3-9d09-000c2980a9f3)

lighttpd security advisories report : It is possible to inadvertantly enable vulnerable ciphers when using ssl.cipher-list. In certain cases setuid and similar can fail, potentially triggering lighttpd to restart running as root. If FAMMonitorDirectory fails, the memory intended to store the...

7.6CVSS6.7AI score0.10721EPSS
Exploits1References7
FreeBSD
FreeBSD
added 2013/11/28 12:0 a.m.40 views

lighttpd -- multiple vulnerabilities

lighttpd security advisories report: It is possible to inadvertantly enable vulnerable ciphers when using ssl.cipher-list. In certain cases setuid and similar can fail, potentially triggering lighttpd to restart running as root. If FAMMonitorDirectory fails, the memory intended to store the conte...

7.6CVSS7.6AI score0.10721EPSS
Exploits1References3
Tenable Nessus
Tenable Nessus
added 2013/11/22 12:0 a.m.30 views

Mandriva Linux Security Advisory : lighttpd (MDVSA-2013:277)

Updated lighttpd packages fix security vulnerabilities : lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the...

7.6CVSS6.9AI score0.10721EPSS
Exploits1References4
OSV
OSV
added 2013/11/20 2:12 p.m.2 views

DEBIAN-CVE-2013-4560

Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures...

5CVSS7.2AI score0.05418EPSS
Exploits0References1
NVD
NVD
added 2013/11/20 2:12 p.m.18 views

CVE-2013-4560

Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures...

5CVSS7.3AI score0.05418EPSS
Exploits0References7
Prion
Prion
added 2013/11/20 2:12 p.m.22 views

Design/Logic Flaw

Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures...

5CVSS6.9AI score0.05418EPSS
Exploits0References7Affected Software3
Debian CVE
Debian CVE
added 2013/11/19 7:0 p.m.31 views

CVE-2013-4560

Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service segmentation fault and crash via unspecified vectors that trigger FAMMonitorDirectory failures...

5CVSS7.3AI score0.05418EPSS
Exploits0
CVE
CVE
added 2013/11/19 7:0 p.m.222 views

CVE-2013-4560

lighttpd vulnerable before 1.4.33 due to a use-after-free in FAMMonitorDirectory handling, enabling remote DoS (segfault/crash). Multiple connected sources corroborate the issue and reference mitigation via upgrading to 1.4.34 or newer. No explicit in-the-wild exploit details are provided in the ...

5CVSS7.1AI score0.05418EPSS
Exploits0References7Affected Software1
Rows per page
Query Builder