Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
seebugRootSSV:60476
HistoryNov 23, 2012 - 12:00 a.m.

lighttpd畸形HTTP Connection域处理拒绝服务漏洞

2012-11-2300:00:00
Root
www.seebug.org
138

EPSS

0.663

Percentile

97.9%

JSON

CVE(CAN) ID: CVE-2012-5533

lighttpd是一款开源的轻量级Web服务器。

lighttpd 1.4.31在处理某些HTTP请求头时,"http_request_split_value()"函数(src/request.c)在处理特制的"Connection"报头域时会陷入无限循环。攻击者利用此漏洞可导致Lighttpd拒绝服务。
0
lighttpd 1.4.31
厂商补丁:

Lighttpd

目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:

http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch

Related

prion 1
ubuntucve 1
openvas 9
nessus 8
checkpoint_advisories 1
fedora 2
freebsd 1
debiancve 1
nvd 1
cve 1
amazon 1
seebug 1
cvelist 1
exploitdb 1
zdt 1
packetstorm 1
exploitpack 1
myhack58 1
gentoo 1
osv 1
prion
prion
Cross site request forgery (csrf)
2012-11-24 20:55:00
ubuntucve
ubuntucve
CVE-2012-5533
2012-11-24 00:00:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2013-179)
2015-09-08 00:00:00
FreeBSD Ports: lighttpd
2012-11-26 00:00:00
Fedora Update for lighttpd FEDORA-2013-15345
2013-09-06 00:00:00
nessus
nessus
Fedora 18 : lighttpd-1.4.32-1.fc18 (2013-15344)
2013-09-04 00:00:00
Amazon Linux AMI : lighttpd (ALAS-2013-179)
2013-09-04 00:00:00
FreeBSD : lighttpd -- remote DoS in header parsing (1cd3ca42-33e6-11e2-a255-5404a67eef98)
2012-11-23 00:00:00
checkpoint_advisories
checkpoint_advisories
lighttpd Connection Header Parsing Denial of Service (CVE-2012-5533)
2012-12-16 00:00:00
fedora
fedora
[SECURITY] Fedora 18 Update: lighttpd-1.4.32-1.fc18
2013-09-03 22:29:53
[SECURITY] Fedora 19 Update: lighttpd-1.4.32-1.fc19
2013-09-03 22:31:38
freebsd
freebsd
lighttpd -- remote DoS in header parsing
2012-11-17 00:00:00
debiancve
debiancve
CVE-2012-5533
2012-11-24 20:55:04
nvd
nvd
CVE-2012-5533
2012-11-24 20:55:04
cve
cve
CVE-2012-5533
2012-11-24 20:55:04
amazon
amazon
Medium: lighttpd
2013-04-11 17:24:00
seebug
seebug
lighttpd 1.4.31 Denial of Service PoC
2014-07-01 00:00:00
cvelist
cvelist
CVE-2012-5533
2012-11-24 20:00:00
exploitdb
exploitdb
lighttpd 1.4.31 - Denial of Service (PoC)
2012-11-22 00:00:00
zdt
zdt
lighttpd 1.4.31 Denial of Service PoC
2012-11-21 00:00:00
packetstorm
packetstorm
Simple Lighttpd 1.4.31 Denial Of Service
2012-11-22 00:00:00
exploitpack
exploitpack
lighttpd 1.4.31 - Denial of Service (PoC)
2012-11-22 00:00:00
myhack58
myhack58
lighttpd domain processing denial of service vulnerability environment from the reproduction to the analysis-vulnerability warning-the black bar safety net
2017-08-23 00:00:00
gentoo
gentoo
lighttpd: Multiple vulnerabilities
2014-06-13 00:00:00
osv
osv
lighttpd-1.4.37-1.6 on GA media
2024-06-15 00:00:00

EPSS

0.663

Percentile

97.9%

JSON
Related for SSV:60476
prion1ubuntucve1openvas9nessus8checkpoint_advisories1fedora2freebsd1debiancve1nvd1cve1amazon1seebug1cvelist1exploitdb1zdt1packetstorm1exploitpack1myhack581gentoo1osv1