Detections
Analytics

lighttpd 1.4.31 http_request_split_value Function Header Handling DoS

medium Nessus Plugin ID 63094

Language:

Synopsis

The remote web server is affected by a denial of service vulnerability.

Description

According to its banner, the version of lighttpd running on the remote host is 1.4.31. It is, therefore, affected by a denial of service vulnerability. An error in the http_request_split_value() function in 'src/request.c' can cause the application to enter an endless loop when handling specially crafted 'Connection' header requests.

Note that Nessus has not tested for this issue but has instead relied only on the version in the server's banner.

Solution

Upgrade to lighttpd version 1.4.32 or later. Alternatively, apply the vendor-supplied patch.

See Also

http://www.lighttpd.net/2012/11/21/1-4-32/

http://redmine.lighttpd.net/issues/2413

http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt

http://www.nessus.org/u?5d138340

Plugin Details

Severity: Medium

ID: 63094

File Name: lighttpd_1_4_32.nasl

Version: 1.10

Type: remote

Family: Web Servers

Published: 11/29/2012

Updated: 7/12/2018

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.8

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:P/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:lighttpd:lighttpd

Required KB Items: installed_sw/lighttpd, Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 11/21/2012

Vulnerability Publication Date: 11/21/2012

Reference Information

CVE: CVE-2012-5533

BID: 56619