CVE-2012-5533

Severity

50%

Complexity

99%

Confidentiality

48%

Per: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt " Affected versions ------------------- Only 1.4.31; on the other hand versions before 1.4.31 include the "invalid read" bug."

The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header.

Per: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt " Affected versions ------------------- Only 1.4.31; on the other hand versions before 1.4.31 include the "invalid read" bug."

CVSS 2.0 Base Score 5. CVSS Attack Vector: network. CVSS Attack Complexity: low. CVSS Vector: (AV:N/AC:L/Au:N/C:N/I:N/A:P).

Overview

Type

lighttpd

First reported 12 years ago

2012-11-24 20:55:00

Last updated 7 years ago

2017-08-29 01:32:00

Affected Software

lighttpd 1.4.31

1.4.31

lighttpd 1.4.32

1.4.32

References

http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt

Vendor Advisory

http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch

Patch

openSUSE-SU-2012:1532

openSUSE-SU-2014:0074

HPSBGN03191

87623

http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html

51268

Vendor Advisory

51298

Vendor Advisory

22902

Exploit

MDVSA-2013:100

[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533

56619

Exploit

1027802

lighttpd-httprequestsplitvalue-dos(80213)

https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.