Vulnerability identifier: #VU32618
Vulnerability risk: Medium
CVSSv3.1: 4.8 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID:
CWE-ID:
CWE-20
Exploitation vector: Network
Exploit availability: Yes
Vulnerable software:
lighttpd
Server applications /
Web servers
Vendor: lighttpd
Description
The vulnerability allows remote attackers to perform a denial of service (DoS) attack.
The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header.
Mitigation
The vendor has issued the following versions to address this vulnerability: 1.4.31, 1.4.32.
Vulnerable software versions
lighttpd: 1.4.1 - 1.4.30
External links
http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt
http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch
http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html
http://marc.info/?l=bugtraq&m=141576815022399&w=2
http://osvdb.org/87623
http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html
http://secunia.com/advisories/51268
http://secunia.com/advisories/51298
http://www.exploit-db.com/exploits/22902
http://www.mandriva.com/security/advisories?name=MDVSA-2013:100
http://www.openwall.com/lists/oss-security/2012/11/21/1
http://www.securityfocus.com/bid/56619
http://www.securitytracker.com/id?1027802
http://exchange.xforce.ibmcloud.com/vulnerabilities/80213
http://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.