Описание
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.11-3ubuntu3.5 |
| devel | not-affected | |
| edgy | released | 1.4.13~r1370-1ubuntu1.3 |
| feisty | released | 1.4.13-9ubuntu4.2 |
| gutsy | not-affected | |
| upstream | released | 1.4.16 |
Показывать по
Ссылки на источники
EPSS
5.8 Medium
CVSS2
Связанные уязвимости
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial ...
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.
EPSS
5.8 Medium
CVSS2