Lucene search
K

27 matches found

Debian
Debian
added 2007/08/29 9:21 p.m.35 views

[SECURITY] [DSA 1362-1] New lighttpd packages fix several vulnerabilities

------------------------------------------------------------------------ Debian Security Advisory DSA-1362 [email protected] http://www.debian.org/security/ Steve Kemp August 29th, 2007 http://www.debian.org/security/faq - ------------------------------------------------------------------------...

8.3CVSS7AI score0.08072EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2007/08/21 12:0 a.m.35 views

GLSA-200708-11 : Lighttpd: Multiple vulnerabilities

The remote host is affected by the vulnerability described in GLSA-200708-11 Lighttpd: Multiple vulnerabilities Stefan Esser discovered errors with evidence of memory corruption in the code parsing the headers. Several independent researchers also reported errors involving the handling of HTTP...

8.3CVSS6.2AI score0.08072EPSS
Exploits2References6
UbuntuCve
UbuntuCve
added 2007/07/24 12:30 a.m.29 views

CVE-2007-3946

modauth httpauth.c in lighttpd before 1.4.16 allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving 1 a memory leak, 2 use of md5-sess without a cnonce, 3 base64 encoded strings, and 4 trailing whitespace in the Auth-Digest header...

6.4CVSS6AI score0.03422EPSS
Exploits0References1
Prion
Prion
added 2007/07/24 12:30 a.m.19 views

Denial of service

modauth httpauth.c in lighttpd before 1.4.16 allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving 1 a memory leak, 2 use of md5-sess without a cnonce, 3 base64 encoded strings, and 4 trailing whitespace in the Auth-Digest header...

6.4CVSS6.7AI score0.03422EPSS
Exploits0References18Affected Software1
NVD
NVD
added 2007/07/24 12:30 a.m.24 views

CVE-2007-3946

modauth httpauth.c in lighttpd before 1.4.16 allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving 1 a memory leak, 2 use of md5-sess without a cnonce, 3 base64 encoded strings, and 4 trailing whitespace in the Auth-Digest header...

6.4CVSS6.4AI score0.03422EPSS
Exploits0References18
CVE
CVE
added 2007/07/24 12:0 a.m.112 views

CVE-2007-3946

lighttpd prior to 1.4.16 is affected by CVE-2007-3946 where mod_auth can be abused to crash the daemon via multiple vectors: (1) memory leak, (2) use of md5-sess without a cnonce, (3) base64-encoded strings, and (4) trailing whitespace in the Auth-Digest header. The issue is triggered in the http...

6.4CVSS6.3AI score0.03422EPSS
Exploits0References18Affected Software1
Cvelist
Cvelist
added 2007/07/24 12:0 a.m.26 views

CVE-2007-3946

modauth httpauth.c in lighttpd before 1.4.16 allows remote attackers to cause a denial of service daemon crash via unspecified vectors involving 1 a memory leak, 2 use of md5-sess without a cnonce, 3 base64 encoded strings, and 4 trailing whitespace in the Auth-Digest header...

6.2AI score0.03422EPSS
Exploits0References18
Rows per page
Query Builder