Описание
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | ignored | end of life |
| devel | released | 1.4.19-0ubuntu3 |
| edgy | released | 1.4.13~r1370-1ubuntu1.7 |
| feisty | released | 1.4.13-9ubuntu4.6 |
| gutsy | released | 1.4.18-1ubuntu1.4 |
| hardy | released | 1.4.19-0ubuntu3 |
| intrepid | released | 1.4.19-0ubuntu3 |
| jaunty | released | 1.4.19-0ubuntu3 |
| karmic | released | 1.4.19-0ubuntu3 |
| upstream | released | 1.4.19 |
Показывать по
Ссылки на источники
EPSS
4.3 Medium
CVSS2
Связанные уязвимости
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.
The connection_state_machine function (connections.c) in lighttpd 1.4. ...
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.
EPSS
4.3 Medium
CVSS2