Lucene search
K

7 matches found

Prion
Prion
added 2007/07/24 12:30 a.m.34 views

Cross site request forgery (csrf)

request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service daemon crash by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault...

5.8CVSS6.6AI score0.08072EPSS
Exploits2References13Affected Software1
Prion
Prion
added 2007/07/24 12:30 a.m.16 views

Format string

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...

4.3CVSS6.7AI score0.02915EPSS
Exploits0References13Affected Software1
UbuntuCve
UbuntuCve
added 2007/07/24 12:30 a.m.38 views

CVE-2007-3950

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...

4.3CVSS5.9AI score0.02915EPSS
Exploits0References1
NVD
NVD
added 2007/07/24 12:30 a.m.18 views

CVE-2007-3950

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...

4.3CVSS6.4AI score0.02915EPSS
Exploits0References13
OSV
OSV
added 2007/07/24 12:30 a.m.1 views

DEBIAN-CVE-2007-3950

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...

4.3CVSS6.8AI score0.02915EPSS
Exploits0References1
CVE
CVE
added 2007/07/24 12:0 a.m.153 views

CVE-2007-3949

CVE-2007-3949 affects lighttpd’s mod_access.c. In lighttpd 1.4.15, trailing slash handling in URLs is ignored, enabling bypass of url.access-deny settings. Multiple sources link this with lighttpd versions prior to 1.4.16; remediation cited is to upgrade to 1.4.16 or later. Exploitation details a...

8.3CVSS6.3AI score0.03299EPSS
Exploits0References14Affected Software1
Debian CVE
Debian CVE
added 2007/07/24 12:0 a.m.27 views

CVE-2007-3950

lighttpd 1.4.15, when run on 32 bit platforms, allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving the use of incompatible format specifiers in certain debugging messages in the 1 modscgi, 2 modfastcgi, and 3 modwebdav modules...

4.3CVSS6.2AI score0.02915EPSS
Exploits0
Rows per page
Query Builder