Detections
Analytics

FreeBSD : lighttpd -- remote DoS in header parsing (1cd3ca42-33e6-11e2-a255-5404a67eef98)

medium Nessus Plugin ID 63016

Language:

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Lighttpd security advisory reports :

Certain Connection header values will trigger an endless loop, for example : 'Connection: TE,,Keep-Alive'

On receiving such value, lighttpd will enter an endless loop, detecting an empty token but not incrementing the current string position, and keep reading the ',' again and again.

This bug was introduced in 1.4.31, when we fixed an 'invalid read' bug (it would try to read the byte before the string if it started with ',', although the value wasn't actually used).

Solution

Update the affected package.

See Also

http://www.nessus.org/u?c383c1b5

Plugin Details

Severity: Medium

ID: 63016

File Name: freebsd_pkg_1cd3ca4233e611e2a2555404a67eef98.nasl

Version: 1.7

Type: local

Published: 11/23/2012

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:lighttpd, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 11/21/2012

Vulnerability Publication Date: 11/17/2012

Reference Information

CVE: CVE-2012-5533