7.8

CVE-2007-1870

lighttpd before 1.4.14 allows attackers to cause a denial of service (crash) via a request to a file whose mtime is 0, which results in a NULL pointer dereference.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
LighttpdLighttpd Version1.3.0
LighttpdLighttpd Version1.3.1
LighttpdLighttpd Version1.3.2
LighttpdLighttpd Version1.3.3
LighttpdLighttpd Version1.3.4
LighttpdLighttpd Version1.3.5
LighttpdLighttpd Version1.3.6
LighttpdLighttpd Version1.3.7
LighttpdLighttpd Version1.3.8
LighttpdLighttpd Version1.3.9
LighttpdLighttpd Version1.3.10
LighttpdLighttpd Version1.3.11
LighttpdLighttpd Version1.3.12
LighttpdLighttpd Version1.3.13
LighttpdLighttpd Version1.3.14
LighttpdLighttpd Version1.3.15
LighttpdLighttpd Version1.3.16
LighttpdLighttpd Version1.4.0
LighttpdLighttpd Version1.4.1
LighttpdLighttpd Version1.4.2
LighttpdLighttpd Version1.4.3
LighttpdLighttpd Version1.4.4
LighttpdLighttpd Version1.4.5
LighttpdLighttpd Version1.4.6
LighttpdLighttpd Version1.4.7
LighttpdLighttpd Version1.4.8
LighttpdLighttpd Version1.4.9
LighttpdLighttpd Version1.4.10
LighttpdLighttpd Version1.4.12
LighttpdLighttpd Version1.4.13
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 2.72% 0.841
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.8 10 6.9
AV:N/AC:L/Au:N/C:N/I:N/A:C
Es wurden noch keine Informationen zu CWE veröffentlicht.
http://secunia.com/advisories/24995
http://www.novell.com/linux/security/advisories/2007_007_suse.html
http://secunia.com/advisories/24886
Patch
Vendor Advisory
http://secunia.com/advisories/24947
http://secunia.com/advisories/25166
http://secunia.com/advisories/25613
http://security.gentoo.org/glsa/glsa-200705-07.xml
http://www.debian.org/security/2007/dsa-1303
http://www.securityfocus.com/archive/1/466464/30/6900/threaded
http://www.securityfocus.com/bid/23515
http://www.vupen.com/english/advisories/2007/1399
https://issues.rpath.com/browse/RPL-1218
http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_02.txt
https://exchange.xforce.ibmcloud.com/vulnerabilities/33678