diff options
| author | mnag <mnag@FreeBSD.org> | 2007-04-14 23:11:47 +0800 |
|---|---|---|
| committer | mnag <mnag@FreeBSD.org> | 2007-04-14 23:11:47 +0800 |
| commit | f661bb2858645e92fe2ea70aba66dbd7558cda3e (patch) | |
| tree | d9b6b9855d118d3924c0b869decfb25ad9dac144 /security | |
| parent | ba0e0f5f1a089ec0cdcb32f5e7ddb329717734e6 (diff) | |
| download | freebsd-ports-gnome-f661bb2858645e92fe2ea70aba66dbd7558cda3e.tar.gz freebsd-ports-gnome-f661bb2858645e92fe2ea70aba66dbd7558cda3e.tar.zst freebsd-ports-gnome-f661bb2858645e92fe2ea70aba66dbd7558cda3e.zip | |
lighttpd -- DOS when access files with mtime 0
lighttpd -- Remote DOS in CRLF parsing
Diffstat (limited to 'security')
| -rw-r--r-- | security/vuxml/vuln.xml | 63 |
1 files changed, 63 insertions, 0 deletions
diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml index c1bba7a76c0f..3fa808c95fb7 100644 --- a/security/vuxml/vuln.xml +++ b/security/vuxml/vuln.xml @@ -34,6 +34,69 @@ Note: Please add new entries to the beginning of this file. --> <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> + <vuln vid="5678da43-ea99-11db-a802-000fea2763ce"> + <topic>lighttpd -- DOS when access files with mtime 0</topic> + <affects> + <package> + <name>lighttpd</name> + <range><lt>1.4.15</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Lighttpd SA:</p> + <blockquote cite="http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt"> + <p>Lighttpd caches the rendered string for mtime. The cache key has + as a default value 0. At that point the pointer to the string are + still NULL. If a file with an mtime of 0 is requested it tries to + access the pointer and crashes.</p> + <p>The bug requires that a malicious user can either upload files or + manipulate the mtime of the files.</p> + <p>The bug was reported by cubiq and fixed by Marcus Rueckert.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2007-1870</cvename> + <url>http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt</url> + </references> + <dates> + <discovery>2007-01-14</discovery> + <entry>2007-04-14</entry> + </dates> + </vuln> + + <vuln vid="d2b48d30-ea97-11db-a802-000fea2763ce"> + <topic>lighttpd -- Remote DOS in CRLF parsing</topic> + <affects> + <package> + <name>lighttpd</name> + <range><gt>1.4.11</gt><lt>1.4.13_2</lt></range> + </package> + </affects> + <description> + <body xmlns="http://www.w3.org/1999/xhtml"> + <p>Lighttpd SA:</p> + <blockquote cite="http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt"> + <p>If the connection aborts during parsing "\r\n\r\n" the server + might get into a infinite loop and use 100% of the CPU time. + lighttpd still responses to other requests. This can be repeated + until either the server limit for concurrent connections or file + descriptors is reached.</p> + <p>The bug was reported and fixed by Robert Jakabosky.</p> + </blockquote> + </body> + </description> + <references> + <cvename>CVE-2007-1869</cvename> + <url>http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt</url> + </references> + <dates> + <discovery>2006-12-15</discovery> + <entry>2007-04-14</entry> + </dates> + </vuln> + <vuln vid="c110eda2-e995-11db-a944-0012f06707f0"> <topic>freeradius -- EAP-TTLS Tunnel Memory Leak Remote DOS Vulnerability</topic> <affects> |