CVE-2012-5533
Published: 24 November 2012
The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header.
Priority
Status
Package | Release | Status |
---|---|---|
lighttpd Launchpad, Ubuntu, Debian |
upstream |
Released
(1.4.31-2)
|
hardy |
Not vulnerable
(1.4.19-0ubuntu3.1)
|
|
lucid |
Not vulnerable
(1.4.26-1.1ubuntu3.1)
|
|
oneiric |
Not vulnerable
(1.4.28-2ubuntu2.1)
|
|
precise |
Not vulnerable
(1.4.28-2ubuntu4)
|
|
quantal |
Not vulnerable
(1.4.28-2ubuntu4)
|
|
raring |
Not vulnerable
(1.4.28-2ubuntu4)
|
|
Patches: upstream: http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch |
References
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5533
- http://www.securitytracker.com/id?1027802
- http://www.openwall.com/lists/oss-security/2012/11/21/1
- http://www.exploit-db.com/exploits/22902
- http://secunia.com/advisories/51298
- http://secunia.com/advisories/51268
- http://osvdb.org/87623
- http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html
- http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt
- http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch
- NVD
- Launchpad
- Debian