Debian DSA-1362-2 : lighttpd - several vulnerabilities

high Nessus Plugin ID 25962

Synopsis

The remote Debian host is missing a security-related update.

Description

Several vulnerabilities were discovered in lighttpd, a fast webserver with minimal memory footprint, which could allow the execution of arbitrary code via the overflow of CGI variables when mod_fcgi was enabled. The Common Vulnerabilities and Exposures project identifies the following problems :

- CVE-2007-3946 The use of mod_auth could leave to a denial of service attack crashing the webserver.

- CVE-2007-3947 The improper handling of repeated HTTP headers could cause a denial of service attack crashing the webserver.

- CVE-2007-3949 A bug in mod_access potentially allows remote users to bypass access restrictions via trailing slash characters.

- CVE-2007-3950 On 32-bit platforms users may be able to create denial of service attacks, crashing the webserver, via mod_webdav, mod_fastcgi, or mod_scgi.

Solution

Upgrade the lighttpd package.

For the stable distribution (etch), these problems have been fixed in version 1.4.13-4etch4.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=434888

https://security-tracker.debian.org/tracker/CVE-2007-3946

https://security-tracker.debian.org/tracker/CVE-2007-3947

https://security-tracker.debian.org/tracker/CVE-2007-3949

https://security-tracker.debian.org/tracker/CVE-2007-3950

https://www.debian.org/security/2007/dsa-1362

Plugin Details

Severity: High

ID: 25962

File Name: debian_DSA-1362.nasl

Version: 1.21

Type: local

Agent: unix

Published: 9/3/2007

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.8

CVSS v2

Risk Factor: High

Base Score: 8.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:C

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:lighttpd, cpe:/o:debian:debian_linux:4.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Available: true

Exploit Ease: Exploits are available

Patch Publication Date: 8/29/2007

Exploitable With

CANVAS (D2ExploitPack)

Core Impact

Reference Information

CVE: CVE-2007-2841, CVE-2007-3946, CVE-2007-3947, CVE-2007-3948, CVE-2007-3949, CVE-2007-3950, CVE-2007-4727

CWE: 119

DSA: 1362