CVE-2007-1870 - Secunia Advisories - Vulnerability Information

CVE Reference: CVE-2007-1870
NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE.

Original Page at CVE MITRE: CVE-2007-1870

Description: lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.

CVE Status: Candidate

References: XF http://xforce.iss.net/xforce/xfdb/33678 SUSE http://www.novell.com/linux/security/advisories/2007_007_suse.html SAID Secunia Advisory: SA24886 Secunia Advisory: SA24995 Secunia Advisory: SA25166 Secunia Advisory: SA24947 Secunia Advisory: SA25613 GENTOO http://security.gentoo.org/glsa/glsa-200705-07.xml DEBIAN http://www.debian.org/security/2007/dsa-1303 CONFIRM http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/466464/30/6900/threaded BID 23515

Return to the previous page.