CVSS: 7.6EPSS: 10%CPEs: 7EXPL: 0CVE-2013-4559 – Mandriva Linux Security Advisory 2013-277
https://notcve.org/view.php?id=CVE-2013-4559
13 Nov 2013 — lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached. lighttpd anterior a la versión 1.4.33 no comprueba el valor de vuelta de (1) setuid, (2) setgid, o (3) setgroups, lo que podría causar que lighttpd se ejecute bajo adm... • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 13%CPEs: 7EXPL: 0CVE-2013-4560 – Mandriva Linux Security Advisory 2013-277
https://notcve.org/view.php?id=CVE-2013-4560
13 Nov 2013 — Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures. Vulnerabilidad de uso después de liberación en lighttpd anterior a la versión 1.4.33 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación y caída) a través de vectores que desencadenen fallos FAMMonitorDirectory. lighttpd before 1.4.34, when SNI is enabled, configures wea... • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt • CWE-416: Use After Free •
CVSS: 7.5EPSS: 2%CPEs: 7EXPL: 1CVE-2013-4508 – Mandriva Linux Security Advisory 2013-277
https://notcve.org/view.php?id=CVE-2013-4508
08 Nov 2013 — lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network. lighttpd anteriores a 1.4.34, cuando SNI esta habilitado, configura cifrados SSL débiles, lo que hace más fácil para un atacante remoto secuestrar sesiones insertando paquetes en el flujo de datos cliente-servidor u obtener información sensible capturando la red.... • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt • CWE-326: Inadequate Encryption Strength •
CVSS: 7.0EPSS: 0%CPEs: 25EXPL: 0CVE-2013-1427
https://notcve.org/view.php?id=CVE-2013-1427
21 Mar 2013 — The configuration file for the FastCGI PHP support for lighttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition. El archivo de configuración para el soporte FastCGI PHP en lighttpd en versiones anteriores a 1.4.28 en Debian GNU/Linux crea un archivo socket con un nombre predecible en ... • http://osvdb.org/91462 • CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 39%CPEs: 2EXPL: 3CVE-2012-5533 – lighttpd 1.4.31 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2012-5533
24 Nov 2012 — The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header. La función http_request_split_value en request.c en lighttpd en versiones anteriores a 1.4.32 permite a atacantes remotos provocar una denegación de servicio (bucle infinito) a través de una petición con una cabecera que contiene un token vacío, ta... • https://www.exploit-db.com/exploits/22902 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 4%CPEs: 5EXPL: 7CVE-2011-4362 – lighttpd - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2011-4362
24 Dec 2011 — Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index. Error de signo de entero en la función base64_decode en la funcionalidad de autenticación HTTP (http_auth.c) en lighttpd v1.4 anterior a v1.4.30 y v1.5 antes de la revisión SVN 2806... • https://www.exploit-db.com/exploits/18295 •
CVSS: 7.5EPSS: 5%CPEs: 62EXPL: 2CVE-2010-0295 – lighttpd 1.4/1.5 - Slow Request Handling Remote Denial of Service
https://notcve.org/view.php?id=CVE-2010-0295
03 Feb 2010 — lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate. lighttpd anterior a v1.4.26 y v1.5.x, reserva un búfer por cada operación de lectura para cada petición, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de memoria) rompiendo la petición en pequeños pedazos que son enviados a... • https://www.exploit-db.com/exploits/33591 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 0CVE-2008-4359
https://notcve.org/view.php?id=CVE-2008-4359
03 Oct 2008 — lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data. lighttpd versiones anteriores a v1.4.20 compara URIs con patrones en los ajustes de configuración (1) url.redirect y (2) url.rewrite antes de realizar la decodificación de URL, lo cual puede permitir a atacantes remotos evitar rest... • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.1EPSS: 1%CPEs: 2EXPL: 0CVE-2008-4360
https://notcve.org/view.php?id=CVE-2008-4360
03 Oct 2008 — mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a .PHP file when there is a configuration rule for .php files. mod_userdir de lighttpd versiones anteriores a v1.4.20, cuando un sistema operativo insensible a mayúsculas o minúsculas o sistemas de ficheros son utili... • http://lists.opensuse.org/opensuse-security-announce/2008-11/msg00002.html • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.5EPSS: 2%CPEs: 54EXPL: 0CVE-2008-4298
https://notcve.org/view.php?id=CVE-2008-4298
27 Sep 2008 — Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers. Fugas de memoria en la función http_request_parse en request.c en lighttpd anteriores a v1.4.20 permite a atacantes remotos causar denegación de servicio (corrupción de memoria) a través de un gran número de peticiones con cabeceras de peticiones duplicadas. • http://bugs.gentoo.org/show_bug.cgi?id=238180 • CWE-399: Resource Management Errors •