CVE-2007-1869 - Secunia Advisories - Vulnerability Intelligence

CVE Reference: CVE-2007-1869
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1869

Description: lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/33671 SUSE http://www.novell.com/linux/security/advisories/2007_007_suse.html SAID Secunia Advisory: SA24886 Secunia Advisory: SA24995 Secunia Advisory: SA25166 Secunia Advisory: SA24947 Secunia Advisory: SA25613 GENTOO http://security.gentoo.org/glsa/glsa-200705-07.xml DEBIAN http://www.debian.org/security/2007/dsa-1303 CONFIRM http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/466464/30/6900/threaded BID 23515

Return to the previous page.