Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    76 vulnerabilities by lighttpd

    CVE-2025-12642 (GCVE-0-2025-12642)

    Vulnerability from nvd – Published: 2025-11-03 19:36 – Updated: 2025-11-03 19:44
    VLAI
    Title
    HTTP Header Smuggling via Trailer Merge
    Summary
    lighttpd1.4.80 incorrectly merged trailer fields into headers after http request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks. Successful exploitation may allow an attacker to: * Bypass access control rules * Inject unsafe input into backend logic that trusts request headers * Execute HTTP Request Smuggling attacks under some conditions This issue affects lighttpd1.4.80
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
    Assigner
    Impacted products
    Vendor Product Version
    lighttpd lighttpd Affected: 1.4.80 , < 1.4.81 (custom)
    Create a notification for this product.
    Credits
    Sebastiano Sartor <@sebsrt>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12642",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-03T19:43:55.914894Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:44:09.174Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "mod_proxy"
              ],
              "packageName": "lighttpd1.4",
              "product": "lighttpd",
              "repo": "https://git.lighttpd.net/lighttpd/lighttpd1.4",
              "vendor": "lighttpd",
              "versions": [
                {
                  "lessThan": "1.4.81",
                  "status": "affected",
                  "version": "1.4.80",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "1.4.81",
                      "versionStartIncluding": "1.4.80",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Sebastiano Sartor \u003c@sebsrt\u003e"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003elighttpd1.4.80 incorrectly merged trailer fields into headers\u0026nbsp;after http request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks.\u003c/p\u003e\u003cp\u003eSuccessful exploitation may allow an attacker to:\u003c/p\u003e\u003cul\u003e\u003cli\u003eBypass access control rules\u003c/li\u003e\u003cli\u003eInject unsafe input into backend logic that trusts request headers\u003c/li\u003e\u003cli\u003eExecute HTTP Request Smuggling attacks under some conditions\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eThis issue affects lighttpd1.4.80\u003c/p\u003e"
                }
              ],
              "value": "lighttpd1.4.80 incorrectly merged trailer fields into headers\u00a0after http request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks.\n\nSuccessful exploitation may allow an attacker to:\n\n  *  Bypass access control rules\n  *  Inject unsafe input into backend logic that trusts request headers\n  *  Execute HTTP Request Smuggling attacks under some conditions\n\n\nThis issue affects lighttpd1.4.80"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-554",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-554 Functionality Bypass"
                }
              ]
            },
            {
              "capecId": "CAPEC-33",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-33 HTTP Request Smuggling"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-444",
                  "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-03T19:36:17.011Z",
            "orgId": "1c6b5737-9389-4011-8117-89fa251edfb2",
            "shortName": "Toreon"
          },
          "references": [
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/35cb89c103877de62d6b63d0804255475d77e5e1"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HTTP Header Smuggling via Trailer Merge",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1c6b5737-9389-4011-8117-89fa251edfb2",
        "assignerShortName": "Toreon",
        "cveId": "CVE-2025-12642",
        "datePublished": "2025-11-03T19:36:17.011Z",
        "dateReserved": "2025-11-03T19:34:17.666Z",
        "dateUpdated": "2025-11-03T19:44:09.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2018-25103 (GCVE-0-2018-25103)

    Vulnerability from nvd – Published: 2024-06-17 18:02 – Updated: 2025-09-15 20:05
    VLAI
    Title
    Use-after-free vulnerabilities in lighttpd <= 1.4.50
    Summary
    There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    lighttpd lighttpd Affected: * , ≤ 1.4.50 (custom)
    Create a notification for this product.
    lighttpd lighttpd Affected: 0 , ≤ 1.4.50 (custom)
        cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks to VDOO Embedded Security part of JFROG for reporting the vulnerability in the If-Modified-Since header with line folding, and thanks to Marcus Wengelin for reporting the vulnerability in the Range header with a specially crafted pair of Range headers.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lighttpd",
                "vendor": "lighttpd",
                "versions": [
                  {
                    "lessThanOrEqual": "1.4.50",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25103",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-15T20:05:27.032213Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-15T20:05:35.756Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T12:33:49.277Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.runzero.com/blog/lighttpd/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.kb.cert.org/vuls/id/312260"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "lighttpd",
              "vendor": "lighttpd",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.50",
                  "status": "affected",
                  "version": "*",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks to VDOO Embedded Security part of JFROG for reporting the vulnerability in the If-Modified-Since header with line folding, and thanks to Marcus Wengelin for reporting the vulnerability in the Range header with a specially crafted pair of Range headers."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There exists use-after-free vulnerabilities in lighttpd \u003c= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-416: Use After Free",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T14:45:06.732Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736"
            },
            {
              "url": "https://www.runzero.com/blog/lighttpd/"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"
            },
            {
              "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf"
            },
            {
              "url": "https://www.kb.cert.org/vuls/id/312260"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Use-after-free vulnerabilities in lighttpd \u003c= 1.4.50",
          "x_generator": {
            "engine": "VINCE 3.0.4",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2018-25103"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-25103",
        "datePublished": "2024-06-17T18:02:57.162Z",
        "dateReserved": "2024-06-17T17:47:24.277Z",
        "dateUpdated": "2025-09-15T20:05:35.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-3708 (GCVE-0-2024-3708)

    Vulnerability from nvd – Published: 2024-05-23 00:11 – Updated: 2024-07-09 15:06
    VLAI

    This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

    Show details on NVD website

    {
      "containers": {
        "cna": {
          "providerMetadata": {
            "dateUpdated": "2024-07-09T15:06:37.504Z",
            "orgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6",
            "shortName": "AMI"
          },
          "rejectedReasons": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
                }
              ],
              "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6",
        "assignerShortName": "AMI",
        "cveId": "CVE-2024-3708",
        "datePublished": "2024-05-23T00:11:32.655Z",
        "dateRejected": "2024-07-09T15:06:37.504Z",
        "dateReserved": "2024-04-12T12:26:57.356Z",
        "dateUpdated": "2024-07-09T15:06:37.504Z",
        "state": "REJECTED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41556 (GCVE-0-2022-41556)

    Vulnerability from nvd – Published: 2022-10-06 00:00 – Updated: 2024-08-03 12:42
    VLAI
    Summary
    A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:46.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/pull/115"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67"
              },
              {
                "name": "FEDORA-2022-c26b19568d",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/"
              },
              {
                "name": "GLSA-202210-12",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/pull/115"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67"
            },
            {
              "name": "FEDORA-2022-c26b19568d",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/"
            },
            {
              "name": "GLSA-202210-12",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-12"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-41556",
        "datePublished": "2022-10-06T00:00:00.000Z",
        "dateReserved": "2022-09-26T00:00:00.000Z",
        "dateUpdated": "2024-08-03T12:42:46.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-37797 (GCVE-0-2022-37797)

    Vulnerability from nvd – Published: 2022-09-12 00:00 – Updated: 2024-08-03 10:37
    VLAI
    Summary
    In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:37:41.657Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/3165"
              },
              {
                "name": "DSA-5243",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5243"
              },
              {
                "name": "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html"
              },
              {
                "name": "GLSA-202210-12",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://redmine.lighttpd.net/issues/3165"
            },
            {
              "name": "DSA-5243",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5243"
            },
            {
              "name": "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html"
            },
            {
              "name": "GLSA-202210-12",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-12"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-37797",
        "datePublished": "2022-09-12T00:00:00.000Z",
        "dateReserved": "2022-08-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T10:37:41.657Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-30780 (GCVE-0-2022-30780)

    Vulnerability from nvd – Published: 2022-06-11 14:40 – Updated: 2024-08-03 06:56
    VLAI
    Summary
    Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T06:56:14.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/3059"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://podalirius.net/en/cves/2022-30780/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-11T14:40:53.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lighttpd/lighttpd1.4"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://redmine.lighttpd.net/issues/3059"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://podalirius.net/en/cves/2022-30780/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-30780",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/lighttpd/lighttpd1.4",
                  "refsource": "MISC",
                  "url": "https://github.com/lighttpd/lighttpd1.4"
                },
                {
                  "name": "https://redmine.lighttpd.net/issues/3059",
                  "refsource": "MISC",
                  "url": "https://redmine.lighttpd.net/issues/3059"
                },
                {
                  "name": "https://podalirius.net/en/cves/2022-30780/",
                  "refsource": "MISC",
                  "url": "https://podalirius.net/en/cves/2022-30780/"
                },
                {
                  "name": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service",
                  "refsource": "MISC",
                  "url": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-30780",
        "datePublished": "2022-06-11T14:40:53.000Z",
        "dateReserved": "2022-05-16T00:00:00.000Z",
        "dateUpdated": "2024-08-03T06:56:14.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22707 (GCVE-0-2022-22707)

    Vulnerability from nvd – Published: 2022-01-06 05:55 – Updated: 2024-08-03 03:21
    VLAI
    Summary
    In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://redmine.lighttpd.net/issues/3134 x_refsource_MISC
    https://www.debian.org/security/2022/dsa-5040 vendor-advisoryx_refsource_DEBIAN
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:21:48.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/3134"
              },
              {
                "name": "DSA-5040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5040"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-12T10:06:30.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://redmine.lighttpd.net/issues/3134"
            },
            {
              "name": "DSA-5040",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5040"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-22707",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://redmine.lighttpd.net/issues/3134",
                  "refsource": "MISC",
                  "url": "https://redmine.lighttpd.net/issues/3134"
                },
                {
                  "name": "DSA-5040",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2022/dsa-5040"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-22707",
        "datePublished": "2022-01-06T05:55:30.000Z",
        "dateReserved": "2022-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:21:48.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11072 (GCVE-0-2019-11072)

    Vulnerability from nvd – Published: 2019-04-10 21:04 – Updated: 2024-08-04 22:40 Disputed
    VLAI
    Summary
    lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-11072",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-11T20:27:33.982094Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-11T20:27:43.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:40:16.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/2945"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
              },
              {
                "name": "107907",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107907"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-23T19:33:44.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://redmine.lighttpd.net/issues/2945"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
            },
            {
              "name": "107907",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107907"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-11072",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED ** lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://redmine.lighttpd.net/issues/2945",
                  "refsource": "MISC",
                  "url": "https://redmine.lighttpd.net/issues/2945"
                },
                {
                  "name": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354",
                  "refsource": "MISC",
                  "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
                },
                {
                  "name": "107907",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107907"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-11072",
        "datePublished": "2019-04-10T21:04:57.000Z",
        "dateReserved": "2019-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:40:16.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19052 (GCVE-0-2018-19052)

    Vulnerability from nvd – Published: 2018-11-07 05:00 – Updated: 2024-08-05 11:30
    VLAI
    Summary
    An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2018-11-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:30:04.022Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
              },
              {
                "name": "openSUSE-SU-2019:2347",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html"
              },
              {
                "name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-11-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing \u0027/\u0027 character, but the alias target filesystem path does have a trailing \u0027/\u0027 character."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-18T20:06:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
            },
            {
              "name": "openSUSE-SU-2019:2347",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html"
            },
            {
              "name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-19052",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing \u0027/\u0027 character, but the alias target filesystem path does have a trailing \u0027/\u0027 character."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1",
                  "refsource": "MISC",
                  "url": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
                },
                {
                  "name": "openSUSE-SU-2019:2347",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html"
                },
                {
                  "name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-19052",
        "datePublished": "2018-11-07T05:00:00.000Z",
        "dateReserved": "2018-11-06T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:30:04.022Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-3200 (GCVE-0-2015-3200)

    Vulnerability from nvd – Published: 2015-06-09 14:00 – Updated: 2024-08-06 05:39
    VLAI
    Summary
    mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2015-05-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:39:31.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "74813",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74813"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://redmine.lighttpd.net/issues/2646"
              },
              {
                "name": "1032405",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1032405"
              },
              {
                "name": "FEDORA-2015-12252",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html"
              },
              {
                "name": "FEDORA-2015-12250",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-05-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-18T07:06:06.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "74813",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74813"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://redmine.lighttpd.net/issues/2646"
            },
            {
              "name": "1032405",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1032405"
            },
            {
              "name": "FEDORA-2015-12252",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html"
            },
            {
              "name": "FEDORA-2015-12250",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2015-3200",
        "datePublished": "2015-06-09T14:00:00.000Z",
        "dateReserved": "2015-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:39:31.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2324 (GCVE-0-2014-2324)

    Vulnerability from nvd – Published: 2014-03-14 15:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.lighttpd.net/2014/3/12/1.4.35/ x_refsource_CONFIRM
    http://www.securityfocus.com/bid/66157 vdb-entryx_refsource_BID
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://www.debian.org/security/2014/dsa-2877 vendor-advisoryx_refsource_DEBIAN
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57514 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57404 third-party-advisoryx_refsource_SECUNIA
    http://seclists.org/oss-sec/2014/q1/564 mailing-listx_refsource_MLIST
    http://seclists.org/oss-sec/2014/q1/561 mailing-listx_refsource_MLIST
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2014-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.322Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
              },
              {
                "name": "66157",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/66157"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
              },
              {
                "name": "DSA-2877",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2014/dsa-2877"
              },
              {
                "name": "openSUSE-SU-2014:0449",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
              },
              {
                "name": "57514",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57514"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "name": "openSUSE-SU-2014:0496",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
              },
              {
                "name": "SUSE-SU-2014:0474",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
              },
              {
                "name": "57404",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57404"
              },
              {
                "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/564"
              },
              {
                "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/561"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:10.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
            },
            {
              "name": "66157",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/66157"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
            },
            {
              "name": "DSA-2877",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2014/dsa-2877"
            },
            {
              "name": "openSUSE-SU-2014:0449",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
            },
            {
              "name": "57514",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57514"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:0496",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
            },
            {
              "name": "SUSE-SU-2014:0474",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
            },
            {
              "name": "57404",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57404"
            },
            {
              "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/564"
            },
            {
              "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/561"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2324",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.lighttpd.net/2014/3/12/1.4.35/",
                  "refsource": "CONFIRM",
                  "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
                },
                {
                  "name": "66157",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/66157"
                },
                {
                  "name": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt",
                  "refsource": "CONFIRM",
                  "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
                },
                {
                  "name": "DSA-2877",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2014/dsa-2877"
                },
                {
                  "name": "openSUSE-SU-2014:0449",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
                },
                {
                  "name": "57514",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57514"
                },
                {
                  "name": "HPSBGN03191",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
                },
                {
                  "name": "openSUSE-SU-2014:0496",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
                },
                {
                  "name": "SUSE-SU-2014:0474",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
                },
                {
                  "name": "57404",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57404"
                },
                {
                  "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/564"
                },
                {
                  "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/561"
                },
                {
                  "name": "JVN#37417423",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2324",
        "datePublished": "2014-03-14T15:00:00.000Z",
        "dateReserved": "2014-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.322Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2323 (GCVE-0-2014-2323)

    Vulnerability from nvd – Published: 2014-03-14 15:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.lighttpd.net/2014/3/12/1.4.35/ x_refsource_CONFIRM
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://www.debian.org/security/2014/dsa-2877 vendor-advisoryx_refsource_DEBIAN
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57514 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57404 third-party-advisoryx_refsource_SECUNIA
    http://seclists.org/oss-sec/2014/q1/564 mailing-listx_refsource_MLIST
    http://seclists.org/oss-sec/2014/q1/561 mailing-listx_refsource_MLIST
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2014-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.483Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
              },
              {
                "name": "DSA-2877",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2014/dsa-2877"
              },
              {
                "name": "openSUSE-SU-2014:0449",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
              },
              {
                "name": "57514",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57514"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "name": "openSUSE-SU-2014:0496",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
              },
              {
                "name": "SUSE-SU-2014:0474",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
              },
              {
                "name": "57404",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57404"
              },
              {
                "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/564"
              },
              {
                "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/561"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
            },
            {
              "name": "DSA-2877",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2014/dsa-2877"
            },
            {
              "name": "openSUSE-SU-2014:0449",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
            },
            {
              "name": "57514",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57514"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:0496",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
            },
            {
              "name": "SUSE-SU-2014:0474",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
            },
            {
              "name": "57404",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57404"
            },
            {
              "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/564"
            },
            {
              "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/561"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2323",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.lighttpd.net/2014/3/12/1.4.35/",
                  "refsource": "CONFIRM",
                  "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
                },
                {
                  "name": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt",
                  "refsource": "CONFIRM",
                  "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
                },
                {
                  "name": "DSA-2877",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2014/dsa-2877"
                },
                {
                  "name": "openSUSE-SU-2014:0449",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
                },
                {
                  "name": "57514",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57514"
                },
                {
                  "name": "HPSBGN03191",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
                },
                {
                  "name": "openSUSE-SU-2014:0496",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
                },
                {
                  "name": "SUSE-SU-2014:0474",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
                },
                {
                  "name": "57404",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57404"
                },
                {
                  "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/564"
                },
                {
                  "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/561"
                },
                {
                  "name": "JVN#37417423",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2323",
        "datePublished": "2014-03-14T15:00:00.000Z",
        "dateReserved": "2014-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.483Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4560 (GCVE-0-2013-4560)

    Vulnerability from nvd – Published: 2013-11-19 19:00 – Updated: 2024-08-06 16:45
    VLAI
    Summary
    Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/55682 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-updates/2014-0… vendor-advisoryx_refsource_SUSE
    https://www.debian.org/security/2013/dsa-2795 vendor-advisoryx_refsource_DEBIAN
    http://www.openwall.com/lists/oss-security/2013/11/12/4 mailing-listx_refsource_MLIST
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2013-11-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:45:14.824Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55682",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55682"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt"
              },
              {
                "name": "openSUSE-SU-2014:0072",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
              },
              {
                "name": "DSA-2795",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2013/dsa-2795"
              },
              {
                "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:12.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55682",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55682"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt"
            },
            {
              "name": "openSUSE-SU-2014:0072",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
            },
            {
              "name": "DSA-2795",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2013/dsa-2795"
            },
            {
              "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4560",
        "datePublished": "2013-11-19T19:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:45:14.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4559 (GCVE-0-2013-4559)

    Vulnerability from nvd – Published: 2013-11-19 19:00 – Updated: 2024-08-06 16:45
    VLAI
    Summary
    lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/55682 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-updates/2014-0… vendor-advisoryx_refsource_SUSE
    https://www.debian.org/security/2013/dsa-2795 vendor-advisoryx_refsource_DEBIAN
    http://www.openwall.com/lists/oss-security/2013/11/12/4 mailing-listx_refsource_MLIST
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2013-11-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:45:14.842Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55682",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55682"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt"
              },
              {
                "name": "openSUSE-SU-2014:0072",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
              },
              {
                "name": "DSA-2795",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2013/dsa-2795"
              },
              {
                "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:13.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55682",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55682"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt"
            },
            {
              "name": "openSUSE-SU-2014:0072",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
            },
            {
              "name": "DSA-2795",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2013/dsa-2795"
            },
            {
              "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4559",
        "datePublished": "2013-11-19T19:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:45:14.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2025-12642 (GCVE-0-2025-12642)

    Vulnerability from cvelistv5 – Published: 2025-11-03 19:36 – Updated: 2025-11-03 19:44
    VLAI
    Title
    HTTP Header Smuggling via Trailer Merge
    Summary
    lighttpd1.4.80 incorrectly merged trailer fields into headers after http request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks. Successful exploitation may allow an attacker to: * Bypass access control rules * Inject unsafe input into backend logic that trusts request headers * Execute HTTP Request Smuggling attacks under some conditions This issue affects lighttpd1.4.80
    SSVC
    Exploitation: none Automatable: yes Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • CWE-444 - Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling')
    Assigner
    Impacted products
    Vendor Product Version
    lighttpd lighttpd Affected: 1.4.80 , < 1.4.81 (custom)
    Create a notification for this product.
    Credits
    Sebastiano Sartor <@sebsrt>
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2025-12642",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "yes"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-11-03T19:43:55.914894Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-11-03T19:44:09.174Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "defaultStatus": "unaffected",
              "modules": [
                "mod_proxy"
              ],
              "packageName": "lighttpd1.4",
              "product": "lighttpd",
              "repo": "https://git.lighttpd.net/lighttpd/lighttpd1.4",
              "vendor": "lighttpd",
              "versions": [
                {
                  "lessThan": "1.4.81",
                  "status": "affected",
                  "version": "1.4.80",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "cpeApplicability": [
            {
              "nodes": [
                {
                  "cpeMatch": [
                    {
                      "criteria": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*",
                      "versionEndExcluding": "1.4.81",
                      "versionStartIncluding": "1.4.80",
                      "vulnerable": true
                    }
                  ],
                  "negate": false,
                  "operator": "OR"
                }
              ],
              "operator": "OR"
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Sebastiano Sartor \u003c@sebsrt\u003e"
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "\u003cp\u003elighttpd1.4.80 incorrectly merged trailer fields into headers\u0026nbsp;after http request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks.\u003c/p\u003e\u003cp\u003eSuccessful exploitation may allow an attacker to:\u003c/p\u003e\u003cul\u003e\u003cli\u003eBypass access control rules\u003c/li\u003e\u003cli\u003eInject unsafe input into backend logic that trusts request headers\u003c/li\u003e\u003cli\u003eExecute HTTP Request Smuggling attacks under some conditions\u003c/li\u003e\u003c/ul\u003e\u003cp\u003eThis issue affects lighttpd1.4.80\u003c/p\u003e"
                }
              ],
              "value": "lighttpd1.4.80 incorrectly merged trailer fields into headers\u00a0after http request parsing. This behavior can be exploited to conduct HTTP Header Smuggling attacks.\n\nSuccessful exploitation may allow an attacker to:\n\n  *  Bypass access control rules\n  *  Inject unsafe input into backend logic that trusts request headers\n  *  Execute HTTP Request Smuggling attacks under some conditions\n\n\nThis issue affects lighttpd1.4.80"
            }
          ],
          "impacts": [
            {
              "capecId": "CAPEC-554",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-554 Functionality Bypass"
                }
              ]
            },
            {
              "capecId": "CAPEC-33",
              "descriptions": [
                {
                  "lang": "en",
                  "value": "CAPEC-33 HTTP Request Smuggling"
                }
              ]
            }
          ],
          "metrics": [
            {
              "cvssV4_0": {
                "Automatable": "NOT_DEFINED",
                "Recovery": "NOT_DEFINED",
                "Safety": "NOT_DEFINED",
                "attackComplexity": "LOW",
                "attackRequirements": "NONE",
                "attackVector": "NETWORK",
                "baseScore": 6.9,
                "baseSeverity": "MEDIUM",
                "exploitMaturity": "NOT_DEFINED",
                "privilegesRequired": "NONE",
                "providerUrgency": "NOT_DEFINED",
                "subAvailabilityImpact": "NONE",
                "subConfidentialityImpact": "NONE",
                "subIntegrityImpact": "LOW",
                "userInteraction": "NONE",
                "valueDensity": "NOT_DEFINED",
                "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:N/SI:L/SA:N",
                "version": "4.0",
                "vulnAvailabilityImpact": "NONE",
                "vulnConfidentialityImpact": "NONE",
                "vulnIntegrityImpact": "NONE",
                "vulnerabilityResponseEffort": "NOT_DEFINED"
              },
              "format": "CVSS",
              "scenarios": [
                {
                  "lang": "en",
                  "value": "GENERAL"
                }
              ]
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "cweId": "CWE-444",
                  "description": "CWE-444 Inconsistent Interpretation of HTTP Requests (\u0027HTTP Request/Response Smuggling\u0027)",
                  "lang": "en",
                  "type": "CWE"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2025-11-03T19:36:17.011Z",
            "orgId": "1c6b5737-9389-4011-8117-89fa251edfb2",
            "shortName": "Toreon"
          },
          "references": [
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/35cb89c103877de62d6b63d0804255475d77e5e1"
            }
          ],
          "source": {
            "discovery": "UNKNOWN"
          },
          "title": "HTTP Header Smuggling via Trailer Merge",
          "x_generator": {
            "engine": "Vulnogram 0.4.0"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "1c6b5737-9389-4011-8117-89fa251edfb2",
        "assignerShortName": "Toreon",
        "cveId": "CVE-2025-12642",
        "datePublished": "2025-11-03T19:36:17.011Z",
        "dateReserved": "2025-11-03T19:34:17.666Z",
        "dateUpdated": "2025-11-03T19:44:09.174Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2018-25103 (GCVE-0-2018-25103)

    Vulnerability from cvelistv5 – Published: 2024-06-17 18:02 – Updated: 2025-09-15 20:05
    VLAI
    Title
    Use-after-free vulnerabilities in lighttpd <= 1.4.50
    Summary
    There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests.
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    Assigner
    Impacted products
    Vendor Product Version
    lighttpd lighttpd Affected: * , ≤ 1.4.50 (custom)
    Create a notification for this product.
    lighttpd lighttpd Affected: 0 , ≤ 1.4.50 (custom)
        cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*
    Create a notification for this product.
    Credits
    Thanks to VDOO Embedded Security part of JFROG for reporting the vulnerability in the If-Modified-Since header with line folding, and thanks to Marcus Wengelin for reporting the vulnerability in the Range header with a specially crafted pair of Range headers.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "affected": [
              {
                "cpes": [
                  "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*"
                ],
                "defaultStatus": "unknown",
                "product": "lighttpd",
                "vendor": "lighttpd",
                "versions": [
                  {
                    "lessThanOrEqual": "1.4.50",
                    "status": "affected",
                    "version": "0",
                    "versionType": "custom"
                  }
                ]
              }
            ],
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "NONE",
                  "baseScore": 5.3,
                  "baseSeverity": "MEDIUM",
                  "confidentialityImpact": "LOW",
                  "integrityImpact": "NONE",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "NONE",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2018-25103",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-09-15T20:05:27.032213Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-09-15T20:05:35.756Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T12:33:49.277Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.runzero.com/blog/lighttpd/"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://www.kb.cert.org/vuls/id/312260"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "lighttpd",
              "vendor": "lighttpd",
              "versions": [
                {
                  "lessThanOrEqual": "1.4.50",
                  "status": "affected",
                  "version": "*",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "credits": [
            {
              "lang": "en",
              "type": "finder",
              "value": "Thanks to VDOO Embedded Security part of JFROG for reporting the vulnerability in the If-Modified-Since header with line folding, and thanks to Marcus Wengelin for reporting the vulnerability in the Range header with a specially crafted pair of Range headers."
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "There exists use-after-free vulnerabilities in lighttpd \u003c= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "CWE-416: Use After Free",
                  "lang": "en"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2024-07-09T14:45:06.732Z",
            "orgId": "37e5125f-f79b-445b-8fad-9564f167944b",
            "shortName": "certcc"
          },
          "references": [
            {
              "url": "https://blogvdoo.wordpress.com/2018/11/06/giving-back-securing-open-source-iot-projects/#more-736"
            },
            {
              "url": "https://www.runzero.com/blog/lighttpd/"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/df8e4f95614e476276a55e34da2aa8b00b1148e9"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/d161f53de04bc826ce1bdaeb3dce2c72ca50a3f8"
            },
            {
              "url": "https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf"
            },
            {
              "url": "https://www.kb.cert.org/vuls/id/312260"
            }
          ],
          "source": {
            "discovery": "EXTERNAL"
          },
          "title": "Use-after-free vulnerabilities in lighttpd \u003c= 1.4.50",
          "x_generator": {
            "engine": "VINCE 3.0.4",
            "env": "prod",
            "origin": "https://cveawg.mitre.org/api/cve/CVE-2018-25103"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b",
        "assignerShortName": "certcc",
        "cveId": "CVE-2018-25103",
        "datePublished": "2024-06-17T18:02:57.162Z",
        "dateReserved": "2024-06-17T17:47:24.277Z",
        "dateUpdated": "2025-09-15T20:05:35.756Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2024-3708 (GCVE-0-2024-3708)

    Vulnerability from cvelistv5 – Published: 2024-05-23 00:11 – Updated: 2024-07-09 15:06
    VLAI

    This CVE ID has been rejected or withdrawn by its CVE Numbering Authority.

    Show details on NVD website

    {
      "containers": {
        "cna": {
          "providerMetadata": {
            "dateUpdated": "2024-07-09T15:06:37.504Z",
            "orgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6",
            "shortName": "AMI"
          },
          "rejectedReasons": [
            {
              "lang": "en",
              "supportingMedia": [
                {
                  "base64": false,
                  "type": "text/html",
                  "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
                }
              ],
              "value": "This CVE ID has been rejected or withdrawn by its CVE Numbering Authority."
            }
          ],
          "x_generator": {
            "engine": "Vulnogram 0.1.0-dev"
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "7e9044f1-7f56-4c38-8864-c0c7302263d6",
        "assignerShortName": "AMI",
        "cveId": "CVE-2024-3708",
        "datePublished": "2024-05-23T00:11:32.655Z",
        "dateRejected": "2024-07-09T15:06:37.504Z",
        "dateReserved": "2024-04-12T12:26:57.356Z",
        "dateUpdated": "2024-07-09T15:06:37.504Z",
        "state": "REJECTED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-41556 (GCVE-0-2022-41556)

    Vulnerability from cvelistv5 – Published: 2022-10-06 00:00 – Updated: 2024-08-03 12:42
    VLAI
    Summary
    A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T12:42:46.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/pull/115"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67"
              },
              {
                "name": "FEDORA-2022-c26b19568d",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/"
              },
              {
                "name": "GLSA-202210-12",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://git.lighttpd.net/lighttpd/lighttpd1.4/commit/b18de6f9264f914f7bf493abd3b6059343548e50"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/pull/115"
            },
            {
              "url": "https://github.com/lighttpd/lighttpd1.4/compare/lighttpd-1.4.66...lighttpd-1.4.67"
            },
            {
              "name": "FEDORA-2022-c26b19568d",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/OVOSBSCMLGCHH2Z74H64ZWVDFJFQTBC2/"
            },
            {
              "name": "GLSA-202210-12",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-12"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-41556",
        "datePublished": "2022-10-06T00:00:00.000Z",
        "dateReserved": "2022-09-26T00:00:00.000Z",
        "dateUpdated": "2024-08-03T12:42:46.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-37797 (GCVE-0-2022-37797)

    Vulnerability from cvelistv5 – Published: 2022-09-12 00:00 – Updated: 2024-08-03 10:37
    VLAI
    Summary
    In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T10:37:41.657Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/3165"
              },
              {
                "name": "DSA-5243",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5243"
              },
              {
                "name": "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update",
                "tags": [
                  "mailing-list",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html"
              },
              {
                "name": "GLSA-202210-12",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202210-12"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-10-31T00:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "url": "https://redmine.lighttpd.net/issues/3165"
            },
            {
              "name": "DSA-5243",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5243"
            },
            {
              "name": "[debian-lts-announce] 20221003 [SECURITY] [DLA 3133-1] lighttpd security update",
              "tags": [
                "mailing-list"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html"
            },
            {
              "name": "GLSA-202210-12",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://security.gentoo.org/glsa/202210-12"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-37797",
        "datePublished": "2022-09-12T00:00:00.000Z",
        "dateReserved": "2022-08-08T00:00:00.000Z",
        "dateUpdated": "2024-08-03T10:37:41.657Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-30780 (GCVE-0-2022-30780)

    Vulnerability from cvelistv5 – Published: 2022-06-11 14:40 – Updated: 2024-08-03 06:56
    VLAI
    Summary
    Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T06:56:14.103Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/3059"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://podalirius.net/en/cves/2022-30780/"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-06-11T14:40:53.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lighttpd/lighttpd1.4"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://redmine.lighttpd.net/issues/3059"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://podalirius.net/en/cves/2022-30780/"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-30780",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Lighttpd 1.4.56 through 1.4.58 allows a remote attacker to cause a denial of service (CPU consumption from stuck connections) because connection_read_header_more in connections.c has a typo that disrupts use of multiple read operations on large headers."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/lighttpd/lighttpd1.4",
                  "refsource": "MISC",
                  "url": "https://github.com/lighttpd/lighttpd1.4"
                },
                {
                  "name": "https://redmine.lighttpd.net/issues/3059",
                  "refsource": "MISC",
                  "url": "https://redmine.lighttpd.net/issues/3059"
                },
                {
                  "name": "https://podalirius.net/en/cves/2022-30780/",
                  "refsource": "MISC",
                  "url": "https://podalirius.net/en/cves/2022-30780/"
                },
                {
                  "name": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service",
                  "refsource": "MISC",
                  "url": "https://github.com/p0dalirius/CVE-2022-30780-lighttpd-denial-of-service"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-30780",
        "datePublished": "2022-06-11T14:40:53.000Z",
        "dateReserved": "2022-05-16T00:00:00.000Z",
        "dateUpdated": "2024-08-03T06:56:14.103Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2022-22707 (GCVE-0-2022-22707)

    Vulnerability from cvelistv5 – Published: 2022-01-06 05:55 – Updated: 2024-08-03 03:21
    VLAI
    Summary
    In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://redmine.lighttpd.net/issues/3134 x_refsource_MISC
    https://www.debian.org/security/2022/dsa-5040 vendor-advisoryx_refsource_DEBIAN
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-03T03:21:48.853Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/3134"
              },
              {
                "name": "DSA-5040",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2022/dsa-5040"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-12T10:06:30.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://redmine.lighttpd.net/issues/3134"
            },
            {
              "name": "DSA-5040",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2022/dsa-5040"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2022-22707",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://redmine.lighttpd.net/issues/3134",
                  "refsource": "MISC",
                  "url": "https://redmine.lighttpd.net/issues/3134"
                },
                {
                  "name": "DSA-5040",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2022/dsa-5040"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2022-22707",
        "datePublished": "2022-01-06T05:55:30.000Z",
        "dateReserved": "2022-01-06T00:00:00.000Z",
        "dateUpdated": "2024-08-03T03:21:48.853Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-11072 (GCVE-0-2019-11072)

    Vulnerability from cvelistv5 – Published: 2019-04-10 21:04 – Updated: 2024-08-04 22:40 Disputed
    VLAI
    Summary
    lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.
    Severity
    No CVSS data available.
    SSVC
    Exploitation: poc Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • n/a
    Assigner
    References
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-11072",
                    "options": [
                      {
                        "Exploitation": "poc"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-06-11T20:27:33.982094Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-06-11T20:27:43.773Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          },
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T22:40:16.264Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://redmine.lighttpd.net/issues/2945"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
              },
              {
                "name": "107907",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107907"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-04-23T19:33:44.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://redmine.lighttpd.net/issues/2945"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
            },
            {
              "name": "107907",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107907"
            }
          ],
          "tags": [
            "disputed"
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2019-11072",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "** DISPUTED ** lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://redmine.lighttpd.net/issues/2945",
                  "refsource": "MISC",
                  "url": "https://redmine.lighttpd.net/issues/2945"
                },
                {
                  "name": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354",
                  "refsource": "MISC",
                  "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
                },
                {
                  "name": "107907",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107907"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2019-11072",
        "datePublished": "2019-04-10T21:04:57.000Z",
        "dateReserved": "2019-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-04T22:40:16.264Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2018-19052 (GCVE-0-2018-19052)

    Vulnerability from cvelistv5 – Published: 2018-11-07 05:00 – Updated: 2024-08-05 11:30
    VLAI
    Summary
    An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2018-11-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T11:30:04.022Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
              },
              {
                "name": "openSUSE-SU-2019:2347",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html"
              },
              {
                "name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2018-11-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing \u0027/\u0027 character, but the alias target filesystem path does have a trailing \u0027/\u0027 character."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-18T20:06:17.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
            },
            {
              "name": "openSUSE-SU-2019:2347",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html"
            },
            {
              "name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2018-19052",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing \u0027/\u0027 character, but the alias target filesystem path does have a trailing \u0027/\u0027 character."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1",
                  "refsource": "MISC",
                  "url": "https://github.com/lighttpd/lighttpd1.4/commit/2105dae0f9d7a964375ce681e53cb165375f84c1"
                },
                {
                  "name": "openSUSE-SU-2019:2347",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00054.html"
                },
                {
                  "name": "[debian-lts-announce] 20220118 [SECURITY] [DLA 2879-1] lighttpd security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2022/01/msg00012.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2018-19052",
        "datePublished": "2018-11-07T05:00:00.000Z",
        "dateReserved": "2018-11-06T00:00:00.000Z",
        "dateUpdated": "2024-08-05T11:30:04.022Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2015-3200 (GCVE-0-2015-3200)

    Vulnerability from cvelistv5 – Published: 2015-06-09 14:00 – Updated: 2024-08-06 05:39
    VLAI
    Summary
    mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2015-05-25 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T05:39:31.929Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "74813",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/74813"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://redmine.lighttpd.net/issues/2646"
              },
              {
                "name": "1032405",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id/1032405"
              },
              {
                "name": "FEDORA-2015-12252",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html"
              },
              {
                "name": "FEDORA-2015-12250",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2015-05-25T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2020-03-18T07:06:06.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "74813",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/74813"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://redmine.lighttpd.net/issues/2646"
            },
            {
              "name": "1032405",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id/1032405"
            },
            {
              "name": "FEDORA-2015-12252",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html"
            },
            {
              "name": "FEDORA-2015-12250",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2015-3200",
        "datePublished": "2015-06-09T14:00:00.000Z",
        "dateReserved": "2015-04-10T00:00:00.000Z",
        "dateUpdated": "2024-08-06T05:39:31.929Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2323 (GCVE-0-2014-2323)

    Vulnerability from cvelistv5 – Published: 2014-03-14 15:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.lighttpd.net/2014/3/12/1.4.35/ x_refsource_CONFIRM
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://www.debian.org/security/2014/dsa-2877 vendor-advisoryx_refsource_DEBIAN
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57514 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57404 third-party-advisoryx_refsource_SECUNIA
    http://seclists.org/oss-sec/2014/q1/564 mailing-listx_refsource_MLIST
    http://seclists.org/oss-sec/2014/q1/561 mailing-listx_refsource_MLIST
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2014-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.483Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
              },
              {
                "name": "DSA-2877",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2014/dsa-2877"
              },
              {
                "name": "openSUSE-SU-2014:0449",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
              },
              {
                "name": "57514",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57514"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "name": "openSUSE-SU-2014:0496",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
              },
              {
                "name": "SUSE-SU-2014:0474",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
              },
              {
                "name": "57404",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57404"
              },
              {
                "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/564"
              },
              {
                "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/561"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:07.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
            },
            {
              "name": "DSA-2877",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2014/dsa-2877"
            },
            {
              "name": "openSUSE-SU-2014:0449",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
            },
            {
              "name": "57514",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57514"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:0496",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
            },
            {
              "name": "SUSE-SU-2014:0474",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
            },
            {
              "name": "57404",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57404"
            },
            {
              "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/564"
            },
            {
              "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/561"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2323",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.lighttpd.net/2014/3/12/1.4.35/",
                  "refsource": "CONFIRM",
                  "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
                },
                {
                  "name": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt",
                  "refsource": "CONFIRM",
                  "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
                },
                {
                  "name": "DSA-2877",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2014/dsa-2877"
                },
                {
                  "name": "openSUSE-SU-2014:0449",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
                },
                {
                  "name": "57514",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57514"
                },
                {
                  "name": "HPSBGN03191",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
                },
                {
                  "name": "openSUSE-SU-2014:0496",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
                },
                {
                  "name": "SUSE-SU-2014:0474",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
                },
                {
                  "name": "57404",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57404"
                },
                {
                  "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/564"
                },
                {
                  "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/561"
                },
                {
                  "name": "JVN#37417423",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2323",
        "datePublished": "2014-03-14T15:00:00.000Z",
        "dateReserved": "2014-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.483Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2014-2324 (GCVE-0-2014-2324)

    Vulnerability from cvelistv5 – Published: 2014-03-14 15:00 – Updated: 2024-08-06 10:06
    VLAI
    Summary
    Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.lighttpd.net/2014/3/12/1.4.35/ x_refsource_CONFIRM
    http://www.securityfocus.com/bid/66157 vdb-entryx_refsource_BID
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://www.debian.org/security/2014/dsa-2877 vendor-advisoryx_refsource_DEBIAN
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57514 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://lists.opensuse.org/opensuse-security-annou… vendor-advisoryx_refsource_SUSE
    http://secunia.com/advisories/57404 third-party-advisoryx_refsource_SECUNIA
    http://seclists.org/oss-sec/2014/q1/564 mailing-listx_refsource_MLIST
    http://seclists.org/oss-sec/2014/q1/561 mailing-listx_refsource_MLIST
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2014-03-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T10:06:00.322Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
              },
              {
                "name": "66157",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/66157"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
              },
              {
                "name": "DSA-2877",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "http://www.debian.org/security/2014/dsa-2877"
              },
              {
                "name": "openSUSE-SU-2014:0449",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
              },
              {
                "name": "57514",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57514"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "name": "openSUSE-SU-2014:0496",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
              },
              {
                "name": "SUSE-SU-2014:0474",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
              },
              {
                "name": "57404",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/57404"
              },
              {
                "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/564"
              },
              {
                "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://seclists.org/oss-sec/2014/q1/561"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2014-03-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:10.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
            },
            {
              "name": "66157",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/66157"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
            },
            {
              "name": "DSA-2877",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "http://www.debian.org/security/2014/dsa-2877"
            },
            {
              "name": "openSUSE-SU-2014:0449",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
            },
            {
              "name": "57514",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57514"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "name": "openSUSE-SU-2014:0496",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
            },
            {
              "name": "SUSE-SU-2014:0474",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
            },
            {
              "name": "57404",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/57404"
            },
            {
              "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/564"
            },
            {
              "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://seclists.org/oss-sec/2014/q1/561"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2014-2324",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.lighttpd.net/2014/3/12/1.4.35/",
                  "refsource": "CONFIRM",
                  "url": "http://www.lighttpd.net/2014/3/12/1.4.35/"
                },
                {
                  "name": "66157",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/66157"
                },
                {
                  "name": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt",
                  "refsource": "CONFIRM",
                  "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt"
                },
                {
                  "name": "DSA-2877",
                  "refsource": "DEBIAN",
                  "url": "http://www.debian.org/security/2014/dsa-2877"
                },
                {
                  "name": "openSUSE-SU-2014:0449",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html"
                },
                {
                  "name": "57514",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57514"
                },
                {
                  "name": "HPSBGN03191",
                  "refsource": "HP",
                  "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
                },
                {
                  "name": "openSUSE-SU-2014:0496",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html"
                },
                {
                  "name": "SUSE-SU-2014:0474",
                  "refsource": "SUSE",
                  "url": "http://lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html"
                },
                {
                  "name": "57404",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/57404"
                },
                {
                  "name": "[oss-security] 20140312 Re: lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/564"
                },
                {
                  "name": "[oss-security] 20140312 lighttpd 1.4.34 SQL injection and path traversal CVE request",
                  "refsource": "MLIST",
                  "url": "http://seclists.org/oss-sec/2014/q1/561"
                },
                {
                  "name": "JVN#37417423",
                  "refsource": "JVN",
                  "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2014-2324",
        "datePublished": "2014-03-14T15:00:00.000Z",
        "dateReserved": "2014-03-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T10:06:00.322Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4560 (GCVE-0-2013-4560)

    Vulnerability from cvelistv5 – Published: 2013-11-19 19:00 – Updated: 2024-08-06 16:45
    VLAI
    Summary
    Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/55682 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-updates/2014-0… vendor-advisoryx_refsource_SUSE
    https://www.debian.org/security/2013/dsa-2795 vendor-advisoryx_refsource_DEBIAN
    http://www.openwall.com/lists/oss-security/2013/11/12/4 mailing-listx_refsource_MLIST
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2013-11-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:45:14.824Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55682",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55682"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt"
              },
              {
                "name": "openSUSE-SU-2014:0072",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
              },
              {
                "name": "DSA-2795",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2013/dsa-2795"
              },
              {
                "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:12.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55682",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55682"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt"
            },
            {
              "name": "openSUSE-SU-2014:0072",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
            },
            {
              "name": "DSA-2795",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2013/dsa-2795"
            },
            {
              "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4560",
        "datePublished": "2013-11-19T19:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:45:14.824Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-4559 (GCVE-0-2013-4559)

    Vulnerability from cvelistv5 – Published: 2013-11-19 19:00 – Updated: 2024-08-06 16:45
    VLAI
    Summary
    lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/55682 third-party-advisoryx_refsource_SECUNIA
    http://marc.info/?l=bugtraq&m=141576815022399&w=2 vendor-advisoryx_refsource_HP
    http://download.lighttpd.net/lighttpd/security/li… x_refsource_CONFIRM
    http://lists.opensuse.org/opensuse-updates/2014-0… vendor-advisoryx_refsource_SUSE
    https://www.debian.org/security/2013/dsa-2795 vendor-advisoryx_refsource_DEBIAN
    http://www.openwall.com/lists/oss-security/2013/11/12/4 mailing-listx_refsource_MLIST
    https://kc.mcafee.com/corporate/index?page=conten… x_refsource_CONFIRM
    http://jvn.jp/en/jp/JVN37417423/index.html third-party-advisoryx_refsource_JVN
    Date Public
    2013-11-12 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:45:14.842Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "55682",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/55682"
              },
              {
                "name": "HPSBGN03191",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt"
              },
              {
                "name": "openSUSE-SU-2014:0072",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_SUSE",
                  "x_transferred"
                ],
                "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
              },
              {
                "name": "DSA-2795",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2013/dsa-2795"
              },
              {
                "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
              },
              {
                "name": "JVN#37417423",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_JVN",
                  "x_transferred"
                ],
                "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-11-12T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-02-19T04:06:13.000Z",
            "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
            "shortName": "redhat"
          },
          "references": [
            {
              "name": "55682",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/55682"
            },
            {
              "name": "HPSBGN03191",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=141576815022399\u0026w=2"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt"
            },
            {
              "name": "openSUSE-SU-2014:0072",
              "tags": [
                "vendor-advisory",
                "x_refsource_SUSE"
              ],
              "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00049.html"
            },
            {
              "name": "DSA-2795",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2013/dsa-2795"
            },
            {
              "name": "[oss-security] 20131112 Re: CVE Request: lighttpd multiple issues (setuid/... unchecked return value, FAM: read after free)",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "http://www.openwall.com/lists/oss-security/2013/11/12/4"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://kc.mcafee.com/corporate/index?page=content\u0026id=SB10310"
            },
            {
              "name": "JVN#37417423",
              "tags": [
                "third-party-advisory",
                "x_refsource_JVN"
              ],
              "url": "http://jvn.jp/en/jp/JVN37417423/index.html"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749",
        "assignerShortName": "redhat",
        "cveId": "CVE-2013-4559",
        "datePublished": "2013-11-19T19:00:00.000Z",
        "dateReserved": "2013-06-12T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:45:14.842Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    VAR-201607-0657

    Vulnerability from variot - Updated: 2024-07-23 20:03

    PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application's outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv('HTTP_PROXY') call or (2) a CGI configuration of PHP, aka an "httpoxy" issue. Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle (MITM) attacks on internal subrequests or to direct the server to initiate connections to arbitrary hosts. This vulnerability "httpoxy" Is called a problem. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. There is a security vulnerability in PHP 7.0.8 and earlier versions, the vulnerability stems from the fact that the program does not resolve namespace conflicts in RFC 3875 mode. The program does not properly handle data from untrusted client applications in the HTTP_PROXY environment variable. A remote attacker uses the specially crafted Proxy header message in the HTTP request to exploit this vulnerability to implement a man-in-the-middle attack, directing the server to send a connection to any host.

    The vulnerabilities are addressed by upgrading PHP to the new upstream version 5.6.24, which includes additional bug fixes. Please refer to the upstream changelog for more information:

    https://php.net/ChangeLog-5.php#5.6.24

    For the stable distribution (jessie), these problems have been fixed in version 5.6.24+dfsg-0+deb8u1.

    For the unstable distribution (sid), these problems have been fixed in version 7.0.9-1 of the php7.0 source package.

    We recommend that you upgrade your php5 packages.

    Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/php-5.6.24-i586-1_slack14.2.txz: Upgraded. For more information, see: http://php.net/ChangeLog-5.php#5.6.24 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207 ( Security fix ) +--------------------------+

    Where to find the new packages: +-----------------------------+

    Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-)

    Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you.

    Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.24-i486-1_slack14.0.txz

    Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.24-x86_64-1_slack14.0.txz

    Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.24-i486-1_slack14.1.txz

    Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.24-x86_64-1_slack14.1.txz

    Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/php-5.6.24-i586-1_slack14.2.txz

    Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/php-5.6.24-x86_64-1_slack14.2.txz

    Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.24-i586-1.txz

    Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.24-x86_64-1.txz

    MD5 signatures: +-------------+

    Slackware 14.0 package: 712cc177c9ac10f3d58e871ff27260dc php-5.6.24-i486-1_slack14.0.txz

    Slackware x86_64 14.0 package: 47f6ad4a81517f5b2959abc73475742b php-5.6.24-x86_64-1_slack14.0.txz

    Slackware 14.1 package: aea6a8869946186781e55c5ecec952b0 php-5.6.24-i486-1_slack14.1.txz

    Slackware x86_64 14.1 package: ab16db742762605b9b219b37cdd7e8db php-5.6.24-x86_64-1_slack14.1.txz

    Slackware 14.2 package: c88a731667e741443712267d9b30286a php-5.6.24-i586-1_slack14.2.txz

    Slackware x86_64 14.2 package: ed5b31c94e2fb91f0e6c40051f51da1c php-5.6.24-x86_64-1_slack14.2.txz

    Slackware -current package: c25a85fece34101d35b8785022cef94d n/php-5.6.24-i586-1.txz

    Slackware x86_64 -current package: 17f8886fc0901cea6d593170ea00fe7b n/php-5.6.24-x86_64-1.txz

    Installation instructions: +------------------------+

    Upgrade the package as root:

    upgradepkg php-5.6.24-i586-1_slack14.2.txz

    Then, restart Apache httpd:

    /etc/rc.d/rc.httpd stop

    /etc/rc.d/rc.httpd start

    +-----+

    Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com

    +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

    ===================================================================== Red Hat Security Advisory

    Synopsis: Moderate: php security and bug fix update Advisory ID: RHSA-2016:1613-01 Product: Red Hat Enterprise Linux Advisory URL: https://rhn.redhat.com/errata/RHSA-2016-1613.html Issue date: 2016-08-11 CVE Names: CVE-2016-5385 =====================================================================

    1. Summary:

    An update for php is now available for Red Hat Enterprise Linux 7.

    Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

    1. Relevant releases/architectures:

    Red Hat Enterprise Linux Client Optional (v. 7) - x86_64 Red Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64 Red Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64 Red Hat Enterprise Linux Workstation (v. 7) - x86_64 Red Hat Enterprise Linux Workstation Optional (v. 7) - x86_64

    1. (CVE-2016-5385)

    Red Hat would like to thank Scott Geary (VendHQ) for reporting this issue.

    Bug Fix(es):

    • Previously, an incorrect logic in the SAPI header callback routine caused that the callback counter was not incremented. Consequently, when a script included a header callback, it could terminate unexpectedly with a segmentation fault. With this update, the callback counter is properly managed, and scripts with a header callback implementation work as expected. (BZ#1346758)

    • Solution:

    For details on how to apply this update, which includes the changes described in this advisory, refer to:

    https://access.redhat.com/articles/11258

    After installing the updated packages, the httpd daemon must be restarted for the update to take effect.

    1. Bugs fixed (https://bugzilla.redhat.com/):

    1346758 - Segmentation fault while header_register_callback 1353794 - CVE-2016-5385 PHP: sets environmental variable based on user supplied Proxy request header

    1. Package List:

    Red Hat Enterprise Linux Client Optional (v. 7):

    Source: php-5.4.16-36.3.el7_2.src.rpm

    x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

    Red Hat Enterprise Linux ComputeNode Optional (v. 7):

    Source: php-5.4.16-36.3.el7_2.src.rpm

    x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

    Red Hat Enterprise Linux Server (v. 7):

    Source: php-5.4.16-36.3.el7_2.src.rpm

    ppc64: php-5.4.16-36.3.el7_2.ppc64.rpm php-cli-5.4.16-36.3.el7_2.ppc64.rpm php-common-5.4.16-36.3.el7_2.ppc64.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm php-gd-5.4.16-36.3.el7_2.ppc64.rpm php-ldap-5.4.16-36.3.el7_2.ppc64.rpm php-mysql-5.4.16-36.3.el7_2.ppc64.rpm php-odbc-5.4.16-36.3.el7_2.ppc64.rpm php-pdo-5.4.16-36.3.el7_2.ppc64.rpm php-pgsql-5.4.16-36.3.el7_2.ppc64.rpm php-process-5.4.16-36.3.el7_2.ppc64.rpm php-recode-5.4.16-36.3.el7_2.ppc64.rpm php-soap-5.4.16-36.3.el7_2.ppc64.rpm php-xml-5.4.16-36.3.el7_2.ppc64.rpm php-xmlrpc-5.4.16-36.3.el7_2.ppc64.rpm

    ppc64le: php-5.4.16-36.3.el7_2.ppc64le.rpm php-cli-5.4.16-36.3.el7_2.ppc64le.rpm php-common-5.4.16-36.3.el7_2.ppc64le.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm php-gd-5.4.16-36.3.el7_2.ppc64le.rpm php-ldap-5.4.16-36.3.el7_2.ppc64le.rpm php-mysql-5.4.16-36.3.el7_2.ppc64le.rpm php-odbc-5.4.16-36.3.el7_2.ppc64le.rpm php-pdo-5.4.16-36.3.el7_2.ppc64le.rpm php-pgsql-5.4.16-36.3.el7_2.ppc64le.rpm php-process-5.4.16-36.3.el7_2.ppc64le.rpm php-recode-5.4.16-36.3.el7_2.ppc64le.rpm php-soap-5.4.16-36.3.el7_2.ppc64le.rpm php-xml-5.4.16-36.3.el7_2.ppc64le.rpm php-xmlrpc-5.4.16-36.3.el7_2.ppc64le.rpm

    s390x: php-5.4.16-36.3.el7_2.s390x.rpm php-cli-5.4.16-36.3.el7_2.s390x.rpm php-common-5.4.16-36.3.el7_2.s390x.rpm php-debuginfo-5.4.16-36.3.el7_2.s390x.rpm php-gd-5.4.16-36.3.el7_2.s390x.rpm php-ldap-5.4.16-36.3.el7_2.s390x.rpm php-mysql-5.4.16-36.3.el7_2.s390x.rpm php-odbc-5.4.16-36.3.el7_2.s390x.rpm php-pdo-5.4.16-36.3.el7_2.s390x.rpm php-pgsql-5.4.16-36.3.el7_2.s390x.rpm php-process-5.4.16-36.3.el7_2.s390x.rpm php-recode-5.4.16-36.3.el7_2.s390x.rpm php-soap-5.4.16-36.3.el7_2.s390x.rpm php-xml-5.4.16-36.3.el7_2.s390x.rpm php-xmlrpc-5.4.16-36.3.el7_2.s390x.rpm

    x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

    Red Hat Enterprise Linux Server Optional (v. 7):

    ppc64: php-bcmath-5.4.16-36.3.el7_2.ppc64.rpm php-dba-5.4.16-36.3.el7_2.ppc64.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm php-devel-5.4.16-36.3.el7_2.ppc64.rpm php-embedded-5.4.16-36.3.el7_2.ppc64.rpm php-enchant-5.4.16-36.3.el7_2.ppc64.rpm php-fpm-5.4.16-36.3.el7_2.ppc64.rpm php-intl-5.4.16-36.3.el7_2.ppc64.rpm php-mbstring-5.4.16-36.3.el7_2.ppc64.rpm php-mysqlnd-5.4.16-36.3.el7_2.ppc64.rpm php-pspell-5.4.16-36.3.el7_2.ppc64.rpm php-snmp-5.4.16-36.3.el7_2.ppc64.rpm

    ppc64le: php-bcmath-5.4.16-36.3.el7_2.ppc64le.rpm php-dba-5.4.16-36.3.el7_2.ppc64le.rpm php-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm php-devel-5.4.16-36.3.el7_2.ppc64le.rpm php-embedded-5.4.16-36.3.el7_2.ppc64le.rpm php-enchant-5.4.16-36.3.el7_2.ppc64le.rpm php-fpm-5.4.16-36.3.el7_2.ppc64le.rpm php-intl-5.4.16-36.3.el7_2.ppc64le.rpm php-mbstring-5.4.16-36.3.el7_2.ppc64le.rpm php-mysqlnd-5.4.16-36.3.el7_2.ppc64le.rpm php-pspell-5.4.16-36.3.el7_2.ppc64le.rpm php-snmp-5.4.16-36.3.el7_2.ppc64le.rpm

    s390x: php-bcmath-5.4.16-36.3.el7_2.s390x.rpm php-dba-5.4.16-36.3.el7_2.s390x.rpm php-debuginfo-5.4.16-36.3.el7_2.s390x.rpm php-devel-5.4.16-36.3.el7_2.s390x.rpm php-embedded-5.4.16-36.3.el7_2.s390x.rpm php-enchant-5.4.16-36.3.el7_2.s390x.rpm php-fpm-5.4.16-36.3.el7_2.s390x.rpm php-intl-5.4.16-36.3.el7_2.s390x.rpm php-mbstring-5.4.16-36.3.el7_2.s390x.rpm php-mysqlnd-5.4.16-36.3.el7_2.s390x.rpm php-pspell-5.4.16-36.3.el7_2.s390x.rpm php-snmp-5.4.16-36.3.el7_2.s390x.rpm

    x86_64: php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm

    Red Hat Enterprise Linux Workstation (v. 7):

    Source: php-5.4.16-36.3.el7_2.src.rpm

    x86_64: php-5.4.16-36.3.el7_2.x86_64.rpm php-cli-5.4.16-36.3.el7_2.x86_64.rpm php-common-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-gd-5.4.16-36.3.el7_2.x86_64.rpm php-ldap-5.4.16-36.3.el7_2.x86_64.rpm php-mysql-5.4.16-36.3.el7_2.x86_64.rpm php-odbc-5.4.16-36.3.el7_2.x86_64.rpm php-pdo-5.4.16-36.3.el7_2.x86_64.rpm php-pgsql-5.4.16-36.3.el7_2.x86_64.rpm php-process-5.4.16-36.3.el7_2.x86_64.rpm php-recode-5.4.16-36.3.el7_2.x86_64.rpm php-soap-5.4.16-36.3.el7_2.x86_64.rpm php-xml-5.4.16-36.3.el7_2.x86_64.rpm php-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm

    Red Hat Enterprise Linux Workstation Optional (v. 7):

    x86_64: php-bcmath-5.4.16-36.3.el7_2.x86_64.rpm php-dba-5.4.16-36.3.el7_2.x86_64.rpm php-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm php-devel-5.4.16-36.3.el7_2.x86_64.rpm php-embedded-5.4.16-36.3.el7_2.x86_64.rpm php-enchant-5.4.16-36.3.el7_2.x86_64.rpm php-fpm-5.4.16-36.3.el7_2.x86_64.rpm php-intl-5.4.16-36.3.el7_2.x86_64.rpm php-mbstring-5.4.16-36.3.el7_2.x86_64.rpm php-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm php-pspell-5.4.16-36.3.el7_2.x86_64.rpm php-snmp-5.4.16-36.3.el7_2.x86_64.rpm

    These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

    1. Contact:

    The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

    Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

    iD8DBQFXrPgaXlSAg2UNWIIRAjn0AJ9+uobkj268+7awLhgQLyNGujzgkgCgp8+D ggdX4EUo7inKwJDZgGYrNok= =Zn6M -----END PGP SIGNATURE-----

    -- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce . ========================================================================= Ubuntu Security Notice USN-3045-1 August 02, 2016

    php5, php7.0 vulnerabilities

    A security issue affects these releases of Ubuntu and its derivatives:

    • Ubuntu 16.04 LTS
    • Ubuntu 14.04 LTS
    • Ubuntu 12.04 LTS

    Summary:

    Several security issues were fixed in PHP.

    Software Description: - php7.0: HTML-embedded scripting language interpreter - php5: HTML-embedded scripting language interpreter

    Details:

    It was discovered that PHP incorrectly handled certain SplMinHeap::compar e operations. A remote attacker could use this issue to cause PHP to crash,

    resulting in a denial of service, or possibly execute arbitrary code. Thi s issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116 )

    It was discovered that PHP incorrectly handled recursive method calls. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8873)

    It was discovered that PHP incorrectly validated certain Exception object s when unserializing data. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0 4 LTS. (CVE-2015-8876)

    It was discovered that PHP header() function performed insufficient filtering for Internet Explorer. A remote attacker could possibly use thi s issue to perform a XSS attack. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-8935)

    It was discovered that PHP incorrectly handled certain locale operations.

    An attacker could use this issue to cause PHP to crash, resulting in a denial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5093)

    It was discovered that the PHP php_html_entities() function incorrectly handled certain string lengths. A remote attacker could use this issue to

    cause PHP to crash, resulting in a denial of service, or possibly execute

    arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0 4 LTS. (CVE-2016-5094, CVE-2016-5095)

    It was discovered that the PHP fread() function incorrectly handled certa in lengths. An attacker could use this issue to cause PHP to crash, resultin g in a denial of service, or possibly execute arbitrary code. This issue on ly affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5096)

    It was discovered that the PHP FastCGI Process Manager (FPM) SAPI incorrectly handled memory in the access logging feature. An attacker cou ld use this issue to cause PHP to crash, resulting in a denial of service, o r possibly expose sensitive information. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)

    It was discovered that PHP would not protect applications from contents o f the HTTP_PROXY environment variable when based on the contents of the Pro xy header from HTTP requests. A remote attacker could possibly use this issu e in combination with scripts that honour the HTTP_PROXY variable to redire ct outgoing HTTP requests. (CVE-2016-5385)

    Hans Jerry Illikainen discovered that the PHP bzread() function incorrect ly performed error handling. A remote attacker could use this issue to cause

    PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-5399)

    It was discovered that certain PHP multibyte string functions incorrectly

    handled memory. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-5768)

    It was discovered that the PHP Mcrypt extension incorrectly handled memor y. A remote attacker could use this issue to cause PHP to crash, resulting i n a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5769)

    It was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing malicious data. A remote attacker coul d use this issue to cause PHP to crash, resulting in a denial of service, o r possibly execute arbitrary code. This issue was only addressed in Ubuntu Ubuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)

    It was discovered that PHP incorrectly handled memory when unserializing malicious xml data. A remote attacker could use this issue to cause PHP t o crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5772)

    It was discovered that the PHP php_url_parse_ex() function incorrectly handled string termination. A remote attacker could use this issue to cau se PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0 4 LTS. (CVE-2016-6288)

    It was discovered that PHP incorrectly handled path lengths when extracti ng certain Zip archives. A remote attacker could use this issue to cause PHP

    to crash, resulting in a denial of service, or possibly execute arbitrary

    code. (CVE-2016-6289)

    It was discovered that PHP incorrectly handled session deserialization. A

    remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6290)

    It was discovered that PHP incorrectly handled exif headers when processi ng certain JPEG images. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6291, CVE-2016-6292)

    It was discovered that PHP incorrectly handled certain locale operations. A remote attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6294)

    It was discovered that the PHP garbage collector incorrectly handled certain objects when unserializing SNMP data. A remote attacker could use

    this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. This issue only affected Ubuntu 14.04 LT S and Ubuntu 16.04 LTS. (CVE-2016-6295)

    It was discovered that the PHP xmlrpc_encode_request() function incorrect ly handled certain lengths. An attacker could use this issue to cause PHP to

    crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6296)

    It was discovered that the PHP php_stream_zip_opener() function incorrect ly handled memory. An attacker could use this issue to cause PHP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2016-6297)

    Update instructions:

    The problem can be corrected by updating your system to the following package versions:

    Ubuntu 16.04 LTS: libapache2-mod-php7.0 7.0.8-0ubuntu0.16.04.2 php7.0-cgi 7.0.8-0ubuntu0.16.04.2 php7.0-cli 7.0.8-0ubuntu0.16.04.2 php7.0-fpm 7.0.8-0ubuntu0.16.04.2

    Ubuntu 14.04 LTS: libapache2-mod-php5 5.5.9+dfsg-1ubuntu4.19 php5-cgi 5.5.9+dfsg-1ubuntu4.19 php5-cli 5.5.9+dfsg-1ubuntu4.19 php5-fpm 5.5.9+dfsg-1ubuntu4.19

    Ubuntu 12.04 LTS: libapache2-mod-php5 5.3.10-1ubuntu3.24 php5-cgi 5.3.10-1ubuntu3.24 php5-cli 5.3.10-1ubuntu3.24 php5-fpm 5.3.10-1ubuntu3.24

    In general, a standard system update will make all the necessary changes.

    References: http://www.ubuntu.com/usn/usn-3045-1 CVE-2015-4116, CVE-2015-8873, CVE-2015-8876, CVE-2015-8935, CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096, CVE-2016-5114, CVE-2016-5385, CVE-2016-5399, CVE-2016-5768, CVE-2016-5769, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773, CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291, CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296, CVE-2016-6297

    Package Information: https://launchpad.net/ubuntu/+source/php7.0/7.0.8-0ubuntu0.16.04.2 https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.19 https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.24

    . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256

    Note: the current version of the following document is available here: https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05333297

    SUPPORT COMMUNICATION - SECURITY BULLETIN

    Document ID: c05333297 Version: 2

    HPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface, Multiple Remote Vulnerabilities

    NOTICE: The information in this Security Bulletin should be acted upon as soon as possible.

    Release Date: 2017-01-14 Last Updated: 2017-01-13

    Potential Security Impact: Remote: Denial of Service (DoS), Unauthorized Disclosure of Information

    Source: Hewlett Packard Enterprise, Product Security Response Team

    VULNERABILITY SUMMARY A security vulnerability in PHP was addressed by the HPE StoreEver MSL6480 Tape Library firmware version 5.10. The vulnerability could be exploited remotely to allow Unauthorized Disclosure of Information or Denial of Service via the Ethernet Management Interface. Please note that the Management Interface cannot access data stored on tape media, so this vulnerability does not allow for remote unauthorized disclosure of data stored on tape media or remote denial of service.

    References:

    • CVE-2016-5385 - PHP, HTTPoxy
    • CVE-2016-3074 - PHP
    • CVE-2013-7456 - PHP
    • CVE-2016-5093 - PHP
    • CVE-2016-5094 - PHP
    • CVE-2016-5096 - PHP
    • CVE-2016-5766 - PHP
    • CVE-2016-5767 - PHP
    • CVE-2016-5768 - PHP
    • CVE-2016-5769 - PHP
    • CVE-2016-5770 - PHP
    • CVE-2016-5771 - PHP
    • CVE-2016-5772 - PHP
    • CVE-2016-5773 - PHP
    • CVE-2016-6207 - GD Graphics Library
    • CVE-2016-6289 - PHP
    • CVE-2016-6290 - PHP
    • CVE-2016-6291 - PHP
    • CVE-2016-6292 - PHP
    • CVE-2016-6293 - PHP
    • CVE-2016-6294 - PHP
    • CVE-2016-6295 - PHP
    • CVE-2016-6296 - PHP
    • CVE-2016-6297 - PHP
    • CVE-2016-5399 - PHP

    SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed.

    • HP StoreEver MSL6480 Tape Library prior to 5.10

    BACKGROUND

    CVSS Base Metrics ================= Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector

    CVE-2013-7456
      7.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H
      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
    
    CVE-2016-3074
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5093
      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5094
      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5096
      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5385
      8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
      5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5399
      8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H
      5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5766
      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5767
      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5768
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5769
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5770
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5771
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5772
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-5773
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6207
      6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
      4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
    
    CVE-2016-6289
      7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6290
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6291
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6292
      6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H
      4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)
    
    CVE-2016-6293
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6294
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6295
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6296
      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
    
    CVE-2016-6297
      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)
    
    Information on CVSS is documented in
    HPE Customer Notice HPSN-2008-002 here:
    

    https://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499

    RESOLUTION

    HPE has provided the following software update to resolve the vulnerabilities for the impacted versions of the HPE StoreEver MSL6480 Tape Library:

    HISTORY

    Version:1 (rev.1) - 15 November 2016 Initial release

    Version:2 (rev.2) - 13 January 2017 Updating CVE list

    Third Party Security Patches: Third party security patches that are to be installed on systems running Hewlett Packard Enterprise (HPE) software products should be applied in accordance with the customer's patch management policy.

    Support: For issues about implementing the recommendations of this Security Bulletin, contact normal HPE Services support channel. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hpe.com.

    Report: To report a potential security vulnerability for any HPE supported product: Web form: https://www.hpe.com/info/report-security-vulnerability Email: security-alert@hpe.com

    Subscribe: To initiate a subscription to receive future HPE Security Bulletin alerts via Email: http://www.hpe.com/support/Subscriber_Choice

    Security Bulletin Archive: A list of recently released Security Bulletins is available here: http://www.hpe.com/support/Security_Bulletin_Archive

    Software Product Category: The Software Product Category is represented in the title by the two characters following HPSB.

    3C = 3COM 3P = 3rd Party Software GN = HPE General Software HF = HPE Hardware and Firmware MU = Multi-Platform Software NS = NonStop Servers OV = OpenVMS PV = ProCurve ST = Storage Software UX = HP-UX

    Copyright 2016 Hewlett Packard Enterprise

    Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits; damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett Packard Enterprise and the names of Hewlett Packard Enterprise products referenced herein are trademarks of Hewlett Packard Enterprise in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0657",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "storeever msl6480 tape library",
            "scope": null,
            "trust": 1.6,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "7"
          },
          {
            "model": "drupal",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "drupal",
            "version": "8.1.7"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "6"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "24"
          },
          {
            "model": "php",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.0"
          },
          {
            "model": "leap",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "opensuse",
            "version": "42.1"
          },
          {
            "model": "php",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.24"
          },
          {
            "model": "fedora",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "fedoraproject",
            "version": "23"
          },
          {
            "model": "communications user data repository",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "10.0.1"
          },
          {
            "model": "drupal",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "drupal",
            "version": "8.0.0"
          },
          {
            "model": "enterprise linux server",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "php",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.6.0"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "debian",
            "version": "8.0"
          },
          {
            "model": "communications user data repository",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "10.0.0"
          },
          {
            "model": "php",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "php",
            "version": "7.0.8"
          },
          {
            "model": "communications user data repository",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.0.0"
          },
          {
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.2.2"
          },
          {
            "model": "enterprise linux workstation",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "storeever msl6480 tape library",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "hp",
            "version": "5.09"
          },
          {
            "model": "system management homepage",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "hp",
            "version": "7.5.5.0"
          },
          {
            "model": "php",
            "scope": "lt",
            "trust": 1.0,
            "vendor": "php",
            "version": "5.5.38"
          },
          {
            "model": "php",
            "scope": "gte",
            "trust": 1.0,
            "vendor": "php",
            "version": "7.0.0"
          },
          {
            "model": "enterprise linux desktop",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "redhat",
            "version": "6.0"
          },
          {
            "model": "enterprise manager ops center",
            "scope": "eq",
            "trust": 1.0,
            "vendor": "oracle",
            "version": "12.3.2"
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "apache http server",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "go programming language",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "haproxy",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "hhvm",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "microsoft",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "python",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "the php group",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "lighttpd",
            "version": null
          },
          {
            "model": null,
            "scope": null,
            "trust": 0.8,
            "vendor": "nginx",
            "version": null
          },
          {
            "model": "fedora",
            "scope": null,
            "trust": 0.8,
            "vendor": "fedora",
            "version": null
          },
          {
            "model": "php",
            "scope": "lte",
            "trust": 0.8,
            "vendor": "the php group",
            "version": "7.0.8"
          },
          {
            "model": "linux",
            "scope": null,
            "trust": 0.8,
            "vendor": "oracle",
            "version": null
          },
          {
            "model": "system management homepage",
            "scope": null,
            "trust": 0.8,
            "vendor": "hewlett packard",
            "version": null
          },
          {
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "enterprise edition v4.1 to  v6.5"
          },
          {
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard edition v4.1 to  v6.5"
          },
          {
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard-j edition v4.1 to  v6.5"
          },
          {
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "web edition v4.1 to  v6.5"
          },
          {
            "model": "webotx",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "development environment  v6.1 to  v6.5"
          },
          {
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "enterprise v8.2 to  v9.4"
          },
          {
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "express v8.2 to  v9.4"
          },
          {
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "foundation v8.2 to  v8.5"
          },
          {
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard v8.2 to  v9.4"
          },
          {
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard-j edition v7.1 to  v8.1"
          },
          {
            "model": "webotx application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "web edition v7.1 to  v8.1"
          },
          {
            "model": "webotx developer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "\"(with developers studio) v8.2 to  v9.4\""
          },
          {
            "model": "webotx developer",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v7.1 to  v8.1"
          },
          {
            "model": "webotx enterprise service bus",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v6.4 to  v9.3"
          },
          {
            "model": "webotx portal",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "v8.2 to  v9.3"
          },
          {
            "model": "webotx sip application server",
            "scope": "eq",
            "trust": 0.8,
            "vendor": "nec",
            "version": "standard edition v7.1 to  v8.1"
          },
          {
            "model": "linux",
            "scope": "eq",
            "trust": 0.6,
            "vendor": "oracle",
            "version": "7.0"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#797896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.2.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.2:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:communications_user_data_repository:12.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:24:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:o:hp:storeever_msl6480_tape_library_firmware:*:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "versionEndIncluding": "5.09",
                        "vulnerable": true
                      }
                    ],
                    "operator": "OR"
                  },
                  {
                    "children": [],
                    "cpe_match": [
                      {
                        "cpe23Uri": "cpe:2.3:h:hp:storeever_msl6480_tape_library:-:*:*:*:*:*:*:*",
                        "cpe_name": [],
                        "vulnerable": false
                      }
                    ],
                    "operator": "OR"
                  }
                ],
                "cpe_match": [],
                "operator": "AND"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:hp:system_management_homepage:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7.5.5.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "5.6.24",
                    "versionStartIncluding": "5.6.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "5.5.38",
                    "versionStartIncluding": "5.5.0",
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:a:php:php:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "7.0.8",
                    "versionStartIncluding": "7.0.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  },
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:drupal:drupal:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndExcluding": "8.1.7",
                    "versionStartIncluding": "8.0.0",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Debian",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "138070"
          }
        ],
        "trust": 0.1
      },
      "cve": "CVE-2016-5385",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 4.9,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "MEDIUM",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "High",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 5.1,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2016-5385",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "Medium",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "HIGH",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "VULHUB",
                "availabilityImpact": "PARTIAL",
                "baseScore": 5.1,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 4.9,
                "id": "VHN-94204",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "MEDIUM",
                "trust": 0.1,
                "vectorString": "AV:N/AC:H/AU:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 8.1,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 2.2,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              {
                "attackComplexity": "High",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 8.1,
                "baseSeverity": "High",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2016-5385",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2016-5385",
                "trust": 1.8,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201607-538",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "VULHUB",
                "id": "VHN-94204",
                "trust": 0.1,
                "value": "MEDIUM"
              },
              {
                "author": "VULMON",
                "id": "CVE-2016-5385",
                "trust": 0.1,
                "value": "MEDIUM"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "PHP through 7.0.8 does not attempt to address RFC 3875 section 4.1.18 namespace conflicts and therefore does not protect applications from the presence of untrusted client data in the HTTP_PROXY environment variable, which might allow remote attackers to redirect an application\u0027s outbound HTTP traffic to an arbitrary proxy server via a crafted Proxy header in an HTTP request, as demonstrated by (1) an application that makes a getenv(\u0027HTTP_PROXY\u0027) call or (2) a CGI configuration of PHP, aka an \"httpoxy\" issue. Web servers running in a CGI or CGI-like context may assign client request Proxy header values to internal HTTP_PROXY environment variables. This vulnerability can be leveraged to conduct man-in-the-middle (MITM) attacks on internal subrequests or to direct the server to initiate connections to arbitrary hosts. This vulnerability \"httpoxy\" Is called a problem. PHP (PHP: Hypertext Preprocessor, PHP: Hypertext Preprocessor) is an open source general-purpose computer scripting language jointly maintained by the PHP Group and the open source community. The language is mainly used for Web development and supports a variety of databases and operating systems. There is a security vulnerability in PHP 7.0.8 and earlier versions, the vulnerability stems from the fact that the program does not resolve namespace conflicts in RFC 3875 mode. The program does not properly handle data from untrusted client applications in the HTTP_PROXY environment variable. A remote attacker uses the specially crafted Proxy header message in the HTTP request to exploit this vulnerability to implement a man-in-the-middle attack, directing the server to send a connection to any host. \n\nThe vulnerabilities are addressed by upgrading PHP to the new upstream\nversion 5.6.24, which includes additional bug fixes. Please refer to the\nupstream changelog for more information:\n\nhttps://php.net/ChangeLog-5.php#5.6.24\n\nFor the stable distribution (jessie), these problems have been fixed in\nversion 5.6.24+dfsg-0+deb8u1. \n\nFor the unstable distribution (sid), these problems have been fixed in\nversion 7.0.9-1 of the php7.0 source package. \n\nWe recommend that you upgrade your php5 packages. \n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n+--------------------------+\npatches/packages/php-5.6.24-i586-1_slack14.2.txz:  Upgraded. \n  For more information, see:\n    http://php.net/ChangeLog-5.php#5.6.24\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5385\n    http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6207\n  (* Security fix *)\n+--------------------------+\n\n\nWhere to find the new packages:\n+-----------------------------+\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project!  :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you. \n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/php-5.6.24-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/php-5.6.24-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/php-5.6.24-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/php-5.6.24-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/php-5.6.24-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/php-5.6.24-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/php-5.6.24-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/php-5.6.24-x86_64-1.txz\n\n\nMD5 signatures:\n+-------------+\n\nSlackware 14.0 package:\n712cc177c9ac10f3d58e871ff27260dc  php-5.6.24-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n47f6ad4a81517f5b2959abc73475742b  php-5.6.24-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\naea6a8869946186781e55c5ecec952b0  php-5.6.24-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\nab16db742762605b9b219b37cdd7e8db  php-5.6.24-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\nc88a731667e741443712267d9b30286a  php-5.6.24-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\ned5b31c94e2fb91f0e6c40051f51da1c  php-5.6.24-x86_64-1_slack14.2.txz\n\nSlackware -current package:\nc25a85fece34101d35b8785022cef94d  n/php-5.6.24-i586-1.txz\n\nSlackware x86_64 -current package:\n17f8886fc0901cea6d593170ea00fe7b  n/php-5.6.24-x86_64-1.txz\n\n\nInstallation instructions:\n+------------------------+\n\nUpgrade the package as root:\n# upgradepkg php-5.6.24-i586-1_slack14.2.txz\n\nThen, restart Apache httpd:\n# /etc/rc.d/rc.httpd stop\n# /etc/rc.d/rc.httpd start\n\n\n+-----+\n\nSlackware Linux Security Team\nhttp://slackware.com/gpg-key\nsecurity@slackware.com\n\n+------------------------------------------------------------------------+\n| To leave the slackware-security mailing list:                          |\n+------------------------------------------------------------------------+\n| Send an email to majordomo@slackware.com with this text in the body of |\n| the email message:                                                     |\n|                                                                        |\n|   unsubscribe slackware-security                                       |\n|                                                                        |\n| You will get a confirmation message back containing instructions to    |\n| complete the process.  Please do not reply to this email address. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: php security and bug fix update\nAdvisory ID:       RHSA-2016:1613-01\nProduct:           Red Hat Enterprise Linux\nAdvisory URL:      https://rhn.redhat.com/errata/RHSA-2016-1613.html\nIssue date:        2016-08-11\nCVE Names:         CVE-2016-5385 \n=====================================================================\n\n1. Summary:\n\nAn update for php is now available for Red Hat Enterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nRed Hat Enterprise Linux Client Optional (v. 7) - x86_64\nRed Hat Enterprise Linux ComputeNode Optional (v. 7) - x86_64\nRed Hat Enterprise Linux Server (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Server Optional (v. 7) - ppc64, ppc64le, s390x, x86_64\nRed Hat Enterprise Linux Workstation (v. 7) - x86_64\nRed Hat Enterprise Linux Workstation Optional (v. 7) - x86_64\n\n3. (CVE-2016-5385)\n\nRed Hat would like to thank Scott Geary (VendHQ) for reporting this issue. \n\nBug Fix(es):\n\n* Previously, an incorrect logic in the SAPI header callback routine caused\nthat the callback counter was not incremented. Consequently, when a script\nincluded a header callback, it could terminate unexpectedly with a\nsegmentation fault. With this update, the callback counter is properly\nmanaged, and scripts with a header callback implementation work as\nexpected. (BZ#1346758)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\nAfter installing the updated packages, the httpd daemon must be restarted\nfor the update to take effect. \n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1346758 - Segmentation fault while header_register_callback\n1353794 - CVE-2016-5385 PHP: sets environmental variable based on user supplied Proxy request header\n\n6. Package List:\n\nRed Hat Enterprise Linux Client Optional (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux ComputeNode Optional (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Server (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nppc64:\nphp-5.4.16-36.3.el7_2.ppc64.rpm\nphp-cli-5.4.16-36.3.el7_2.ppc64.rpm\nphp-common-5.4.16-36.3.el7_2.ppc64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm\nphp-gd-5.4.16-36.3.el7_2.ppc64.rpm\nphp-ldap-5.4.16-36.3.el7_2.ppc64.rpm\nphp-mysql-5.4.16-36.3.el7_2.ppc64.rpm\nphp-odbc-5.4.16-36.3.el7_2.ppc64.rpm\nphp-pdo-5.4.16-36.3.el7_2.ppc64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.ppc64.rpm\nphp-process-5.4.16-36.3.el7_2.ppc64.rpm\nphp-recode-5.4.16-36.3.el7_2.ppc64.rpm\nphp-soap-5.4.16-36.3.el7_2.ppc64.rpm\nphp-xml-5.4.16-36.3.el7_2.ppc64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.ppc64.rpm\n\nppc64le:\nphp-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-cli-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-common-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-gd-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-ldap-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-mysql-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-odbc-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-pdo-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-pgsql-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-process-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-recode-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-soap-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-xml-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.ppc64le.rpm\n\ns390x:\nphp-5.4.16-36.3.el7_2.s390x.rpm\nphp-cli-5.4.16-36.3.el7_2.s390x.rpm\nphp-common-5.4.16-36.3.el7_2.s390x.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.s390x.rpm\nphp-gd-5.4.16-36.3.el7_2.s390x.rpm\nphp-ldap-5.4.16-36.3.el7_2.s390x.rpm\nphp-mysql-5.4.16-36.3.el7_2.s390x.rpm\nphp-odbc-5.4.16-36.3.el7_2.s390x.rpm\nphp-pdo-5.4.16-36.3.el7_2.s390x.rpm\nphp-pgsql-5.4.16-36.3.el7_2.s390x.rpm\nphp-process-5.4.16-36.3.el7_2.s390x.rpm\nphp-recode-5.4.16-36.3.el7_2.s390x.rpm\nphp-soap-5.4.16-36.3.el7_2.s390x.rpm\nphp-xml-5.4.16-36.3.el7_2.s390x.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.s390x.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Server Optional (v. 7):\n\nppc64:\nphp-bcmath-5.4.16-36.3.el7_2.ppc64.rpm\nphp-dba-5.4.16-36.3.el7_2.ppc64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64.rpm\nphp-devel-5.4.16-36.3.el7_2.ppc64.rpm\nphp-embedded-5.4.16-36.3.el7_2.ppc64.rpm\nphp-enchant-5.4.16-36.3.el7_2.ppc64.rpm\nphp-fpm-5.4.16-36.3.el7_2.ppc64.rpm\nphp-intl-5.4.16-36.3.el7_2.ppc64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.ppc64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.ppc64.rpm\nphp-pspell-5.4.16-36.3.el7_2.ppc64.rpm\nphp-snmp-5.4.16-36.3.el7_2.ppc64.rpm\n\nppc64le:\nphp-bcmath-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-dba-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-devel-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-embedded-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-enchant-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-fpm-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-intl-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-mbstring-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-pspell-5.4.16-36.3.el7_2.ppc64le.rpm\nphp-snmp-5.4.16-36.3.el7_2.ppc64le.rpm\n\ns390x:\nphp-bcmath-5.4.16-36.3.el7_2.s390x.rpm\nphp-dba-5.4.16-36.3.el7_2.s390x.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.s390x.rpm\nphp-devel-5.4.16-36.3.el7_2.s390x.rpm\nphp-embedded-5.4.16-36.3.el7_2.s390x.rpm\nphp-enchant-5.4.16-36.3.el7_2.s390x.rpm\nphp-fpm-5.4.16-36.3.el7_2.s390x.rpm\nphp-intl-5.4.16-36.3.el7_2.s390x.rpm\nphp-mbstring-5.4.16-36.3.el7_2.s390x.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.s390x.rpm\nphp-pspell-5.4.16-36.3.el7_2.s390x.rpm\nphp-snmp-5.4.16-36.3.el7_2.s390x.rpm\n\nx86_64:\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation (v. 7):\n\nSource:\nphp-5.4.16-36.3.el7_2.src.rpm\n\nx86_64:\nphp-5.4.16-36.3.el7_2.x86_64.rpm\nphp-cli-5.4.16-36.3.el7_2.x86_64.rpm\nphp-common-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-gd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-ldap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-odbc-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pdo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pgsql-5.4.16-36.3.el7_2.x86_64.rpm\nphp-process-5.4.16-36.3.el7_2.x86_64.rpm\nphp-recode-5.4.16-36.3.el7_2.x86_64.rpm\nphp-soap-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xml-5.4.16-36.3.el7_2.x86_64.rpm\nphp-xmlrpc-5.4.16-36.3.el7_2.x86_64.rpm\n\nRed Hat Enterprise Linux Workstation Optional (v. 7):\n\nx86_64:\nphp-bcmath-5.4.16-36.3.el7_2.x86_64.rpm\nphp-dba-5.4.16-36.3.el7_2.x86_64.rpm\nphp-debuginfo-5.4.16-36.3.el7_2.x86_64.rpm\nphp-devel-5.4.16-36.3.el7_2.x86_64.rpm\nphp-embedded-5.4.16-36.3.el7_2.x86_64.rpm\nphp-enchant-5.4.16-36.3.el7_2.x86_64.rpm\nphp-fpm-5.4.16-36.3.el7_2.x86_64.rpm\nphp-intl-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mbstring-5.4.16-36.3.el7_2.x86_64.rpm\nphp-mysqlnd-5.4.16-36.3.el7_2.x86_64.rpm\nphp-pspell-5.4.16-36.3.el7_2.x86_64.rpm\nphp-snmp-5.4.16-36.3.el7_2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXrPgaXlSAg2UNWIIRAjn0AJ9+uobkj268+7awLhgQLyNGujzgkgCgp8+D\nggdX4EUo7inKwJDZgGYrNok=\n=Zn6M\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n=========================================================================\nUbuntu Security Notice USN-3045-1\nAugust 02, 2016\n\nphp5, php7.0 vulnerabilities\n=========================================================================\n\nA security issue affects these releases of Ubuntu and its derivatives:\n\n- Ubuntu 16.04 LTS\n- Ubuntu 14.04 LTS\n- Ubuntu 12.04 LTS\n\nSummary:\n\nSeveral security issues were fixed in PHP. \n\nSoftware Description:\n- php7.0: HTML-embedded scripting language interpreter\n- php5: HTML-embedded scripting language interpreter\n\nDetails:\n\nIt was discovered that PHP incorrectly handled certain SplMinHeap::compar\ne\noperations. A remote attacker could use this issue to cause PHP to crash,\n\nresulting in a denial of service, or possibly execute arbitrary code. Thi\ns\nissue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2015-4116\n)\n\nIt was discovered that PHP incorrectly handled recursive method calls. A\nremote attacker could use this issue to cause PHP to crash, resulting in \na\ndenial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu\n14.04 LTS. (CVE-2015-8873)\n\nIt was discovered that PHP incorrectly validated certain Exception object\ns\nwhen unserializing data. A remote attacker could use this issue to cause\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0\n4\nLTS. (CVE-2015-8876)\n\nIt was discovered that PHP header() function performed insufficient\nfiltering for Internet Explorer. A remote attacker could possibly use thi\ns\nissue to perform a XSS attack. This issue only affected Ubuntu 12.04 LTS\nand Ubuntu 14.04 LTS. (CVE-2015-8935)\n\nIt was discovered that PHP incorrectly handled certain locale operations. \n\nAn attacker could use this issue to cause PHP to crash, resulting in a\ndenial of service. This issue only affected Ubuntu 12.04 LTS and Ubuntu\n14.04 LTS. (CVE-2016-5093)\n\nIt was discovered that the PHP php_html_entities() function incorrectly\nhandled certain string lengths. A remote attacker could use this issue to\n\ncause PHP to crash, resulting in a denial of service, or possibly execute\n\narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0\n4\nLTS. (CVE-2016-5094, CVE-2016-5095)\n\nIt was discovered that the PHP fread() function incorrectly handled certa\nin\nlengths. An attacker could use this issue to cause PHP to crash, resultin\ng\nin a denial of service, or possibly execute arbitrary code. This issue on\nly\naffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5096)\n\nIt was discovered that the PHP FastCGI Process Manager (FPM) SAPI\nincorrectly handled memory in the access logging feature. An attacker cou\nld\nuse this issue to cause PHP to crash, resulting in a denial of service, o\nr\npossibly expose sensitive information. This issue only affected Ubuntu\n12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5114)\n\nIt was discovered that PHP would not protect applications from contents o\nf\nthe HTTP_PROXY environment variable when based on the contents of the Pro\nxy\nheader from HTTP requests. A remote attacker could possibly use this issu\ne\nin combination with scripts that honour the HTTP_PROXY variable to redire\nct\noutgoing HTTP requests. (CVE-2016-5385)\n\nHans Jerry Illikainen discovered that the PHP bzread() function incorrect\nly\nperformed error handling. A remote attacker could use this issue to cause\n\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. (CVE-2016-5399)\n\nIt was discovered that certain PHP multibyte string functions incorrectly\n\nhandled memory. A remote attacker could use this issue to cause PHP to\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 14.04 LTS. (CVE-2016-5768)\n\nIt was discovered that the PHP Mcrypt extension incorrectly handled memor\ny. \nA remote attacker could use this issue to cause PHP to crash, resulting i\nn\na denial of service, or possibly execute arbitrary code. This issue only\naffected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. (CVE-2016-5769)\n\nIt was discovered that the PHP garbage collector incorrectly handled\ncertain objects when unserializing malicious data. A remote attacker coul\nd\nuse this issue to cause PHP to crash, resulting in a denial of service, o\nr\npossibly execute arbitrary code. This issue was only addressed in Ubuntu\nUbuntu 14.04 LTS. (CVE-2016-5771, CVE-2016-5773)\n\nIt was discovered that PHP incorrectly handled memory when unserializing\nmalicious xml data. A remote attacker could use this issue to cause PHP t\no\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.04 LTS. \n(CVE-2016-5772)\n\nIt was discovered that the PHP php_url_parse_ex() function incorrectly\nhandled string termination. A remote attacker could use this issue to cau\nse\nPHP to crash, resulting in a denial of service, or possibly execute\narbitrary code. This issue only affected Ubuntu 12.04 LTS and Ubuntu 14.0\n4\nLTS. (CVE-2016-6288)\n\nIt was discovered that PHP incorrectly handled path lengths when extracti\nng\ncertain Zip archives. A remote attacker could use this issue to cause PHP\n\nto crash, resulting in a denial of service, or possibly execute arbitrary\n\ncode. (CVE-2016-6289)\n\nIt was discovered that PHP incorrectly handled session deserialization. A\n\nremote attacker could use this issue to cause PHP to crash, resulting in \na\ndenial of service, or possibly execute arbitrary code. (CVE-2016-6290)\n\nIt was discovered that PHP incorrectly handled exif headers when processi\nng\ncertain JPEG images. A remote attacker could use this issue to cause PHP \nto\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-6291, CVE-2016-6292)\n\nIt was discovered that PHP incorrectly handled certain locale operations. \n A\nremote attacker could use this issue to cause PHP to crash, resulting in \na\ndenial of service, or possibly execute arbitrary code. (CVE-2016-6294)\n\nIt was discovered that the PHP garbage collector incorrectly handled\ncertain objects when unserializing SNMP data. A remote attacker could use\n\nthis issue to cause PHP to crash, resulting in a denial of service, or\npossibly execute arbitrary code. This issue only affected Ubuntu 14.04 LT\nS\nand Ubuntu 16.04 LTS. (CVE-2016-6295)\n\nIt was discovered that the PHP xmlrpc_encode_request() function incorrect\nly\nhandled certain lengths. An attacker could use this issue to cause PHP to\n\ncrash, resulting in a denial of service, or possibly execute arbitrary\ncode. (CVE-2016-6296)\n\nIt was discovered that the PHP php_stream_zip_opener() function incorrect\nly\nhandled memory. An attacker could use this issue to cause PHP to crash,\nresulting in a denial of service, or possibly execute arbitrary code. \n(CVE-2016-6297)\n\nUpdate instructions:\n\nThe problem can be corrected by updating your system to the following\npackage versions:\n\nUbuntu 16.04 LTS:\n  libapache2-mod-php7.0           7.0.8-0ubuntu0.16.04.2\n  php7.0-cgi                      7.0.8-0ubuntu0.16.04.2\n  php7.0-cli                      7.0.8-0ubuntu0.16.04.2\n  php7.0-fpm                      7.0.8-0ubuntu0.16.04.2\n\nUbuntu 14.04 LTS:\n  libapache2-mod-php5             5.5.9+dfsg-1ubuntu4.19\n  php5-cgi                        5.5.9+dfsg-1ubuntu4.19\n  php5-cli                        5.5.9+dfsg-1ubuntu4.19\n  php5-fpm                        5.5.9+dfsg-1ubuntu4.19\n\nUbuntu 12.04 LTS:\n  libapache2-mod-php5             5.3.10-1ubuntu3.24\n  php5-cgi                        5.3.10-1ubuntu3.24\n  php5-cli                        5.3.10-1ubuntu3.24\n  php5-fpm                        5.3.10-1ubuntu3.24\n\nIn general, a standard system update will make all the necessary changes. \n\n\nReferences:\n  http://www.ubuntu.com/usn/usn-3045-1\n  CVE-2015-4116, CVE-2015-8873, CVE-2015-8876, CVE-2015-8935,\n  CVE-2016-5093, CVE-2016-5094, CVE-2016-5095, CVE-2016-5096,\n  CVE-2016-5114, CVE-2016-5385, CVE-2016-5399, CVE-2016-5768,\n  CVE-2016-5769, CVE-2016-5771, CVE-2016-5772, CVE-2016-5773,\n  CVE-2016-6288, CVE-2016-6289, CVE-2016-6290, CVE-2016-6291,\n  CVE-2016-6292, CVE-2016-6294, CVE-2016-6295, CVE-2016-6296,\n  CVE-2016-6297\n\nPackage Information:\n  https://launchpad.net/ubuntu/+source/php7.0/7.0.8-0ubuntu0.16.04.2\n  https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.19\n  https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.24\n\n\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA256\n\nNote: the current version of the following document is available here:\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c05333297\n\nSUPPORT COMMUNICATION - SECURITY BULLETIN\n\nDocument ID: c05333297\nVersion: 2\n\nHPSBST03671 rev.2 - HPE StoreEver MSL6480 Tape Library Management Interface,\nMultiple Remote Vulnerabilities\n\nNOTICE: The information in this Security Bulletin should be acted upon as\nsoon as possible. \n\nRelease Date: 2017-01-14\nLast Updated: 2017-01-13\n\nPotential Security Impact: Remote: Denial of Service (DoS), Unauthorized\nDisclosure of Information\n\nSource: Hewlett Packard Enterprise, Product Security Response Team\n\nVULNERABILITY SUMMARY\nA security vulnerability in PHP was addressed by the HPE StoreEver MSL6480\nTape Library firmware version 5.10. The vulnerability could be exploited\nremotely to allow Unauthorized Disclosure of Information or Denial of Service\nvia the Ethernet Management Interface.  Please note that the Management\nInterface cannot access data stored on tape media, so this vulnerability does\nnot allow for remote unauthorized disclosure of data stored on tape media or\nremote denial of service. \n\nReferences:\n\n  - CVE-2016-5385 - PHP, HTTPoxy\n  - CVE-2016-3074 - PHP\n  - CVE-2013-7456 - PHP\n  - CVE-2016-5093 - PHP\n  - CVE-2016-5094 - PHP\n  - CVE-2016-5096 - PHP\n  - CVE-2016-5766 - PHP\n  - CVE-2016-5767 - PHP\n  - CVE-2016-5768 - PHP\n  - CVE-2016-5769 - PHP\n  - CVE-2016-5770 - PHP\n  - CVE-2016-5771 - PHP\n  - CVE-2016-5772 - PHP\n  - CVE-2016-5773 - PHP\n  - CVE-2016-6207 - GD Graphics Library\n  - CVE-2016-6289 - PHP\n  - CVE-2016-6290 - PHP\n  - CVE-2016-6291 - PHP\n  - CVE-2016-6292 - PHP\n  - CVE-2016-6293 - PHP\n  - CVE-2016-6294 - PHP\n  - CVE-2016-6295 - PHP\n  - CVE-2016-6296 - PHP\n  - CVE-2016-6297 - PHP\n  - CVE-2016-5399 - PHP\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \n\n  - HP StoreEver MSL6480 Tape Library prior to 5.10\n\nBACKGROUND\n\n  CVSS Base Metrics\n  =================\n  Reference, CVSS V3 Score/Vector, CVSS V2 Score/Vector\n\n    CVE-2013-7456\n      7.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:L/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-3074\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5093\n      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5094\n      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5096\n      8.6 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5385\n      8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n      5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5399\n      8.1 CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H\n      5.1 (AV:N/AC:H/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5766\n      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5767\n      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5768\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5769\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5770\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5771\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5772\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-5773\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6207\n      6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\n      4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n    CVE-2016-6289\n      7.8 CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6290\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6291\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6292\n      6.5 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H\n      4.3 (AV:N/AC:M/Au:N/C:N/I:N/A:P)\n\n    CVE-2016-6293\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6294\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6295\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6296\n      9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\n      7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)\n\n    CVE-2016-6297\n      8.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H\n      6.8 (AV:N/AC:M/Au:N/C:P/I:P/A:P)\n\n    Information on CVSS is documented in\n    HPE Customer Notice HPSN-2008-002 here:\n\nhttps://h20564.www2.hpe.com/hpsc/doc/public/display?docId=emr_na-c01345499\n\nRESOLUTION\n\nHPE has provided the following software update to resolve the vulnerabilities\nfor the impacted versions of the HPE StoreEver MSL6480 Tape Library:\n\n * \u003chttp://www.hpe.com/support/msl6480\u003e\n\nHISTORY\n\nVersion:1 (rev.1) - 15 November 2016 Initial release\n\nVersion:2 (rev.2) - 13 January 2017 Updating CVE list\n\n\nThird Party Security Patches: Third party security patches that are to be\ninstalled on systems running Hewlett Packard Enterprise (HPE) software\nproducts should be applied in accordance with the customer\u0027s patch management\npolicy. \n\nSupport: For issues about implementing the recommendations of this Security\nBulletin, contact normal HPE Services support channel. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hpe.com. \n\nReport: To report a potential security vulnerability for any HPE supported\nproduct:\n  Web form: https://www.hpe.com/info/report-security-vulnerability\n  Email: security-alert@hpe.com\n\nSubscribe: To initiate a subscription to receive future HPE Security Bulletin\nalerts via Email: http://www.hpe.com/support/Subscriber_Choice\n\nSecurity Bulletin Archive: A list of recently released Security Bulletins is\navailable here: http://www.hpe.com/support/Security_Bulletin_Archive\n\nSoftware Product Category: The Software Product Category is represented in\nthe title by the two characters following HPSB. \n\n3C = 3COM\n3P = 3rd Party Software\nGN = HPE General Software\nHF = HPE Hardware and Firmware\nMU = Multi-Platform Software\nNS = NonStop Servers\nOV = OpenVMS\nPV = ProCurve\nST = Storage Software\nUX = HP-UX\n\nCopyright 2016 Hewlett Packard Enterprise\n\nHewlett Packard Enterprise shall not be liable for technical or editorial\nerrors or omissions contained herein. The information provided is provided\n\"as is\" without warranty of any kind. To the extent permitted by law, neither\nHP or its affiliates, subcontractors or suppliers will be liable for\nincidental,special or consequential damages including downtime cost; lost\nprofits; damages relating to the procurement of substitute products or\nservices; or damages for loss of data, or software restoration. The\ninformation in this document is subject to change without notice. Hewlett\nPackard Enterprise and the names of Hewlett Packard Enterprise products\nreferenced herein are trademarks of Hewlett Packard Enterprise in the United\nStates and other countries. Other product and company names mentioned herein\nmay be trademarks of their respective owners",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          },
          {
            "db": "CERT/CC",
            "id": "VU#797896"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "db": "PACKETSTORM",
            "id": "138070"
          },
          {
            "db": "PACKETSTORM",
            "id": "138014"
          },
          {
            "db": "PACKETSTORM",
            "id": "138299"
          },
          {
            "db": "PACKETSTORM",
            "id": "138136"
          },
          {
            "db": "PACKETSTORM",
            "id": "140515"
          }
        ],
        "trust": 2.97
      },
      "exploit_availability": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "reference": "https://www.scap.org.cn/vuln/vhn-94204",
            "trust": 0.1,
            "type": "unknown"
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          }
        ]
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#797896",
            "trust": 3.4
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5385",
            "trust": 3.1
          },
          {
            "db": "BID",
            "id": "91821",
            "trust": 1.8
          },
          {
            "db": "SECTRACK",
            "id": "1036335",
            "trust": 1.8
          },
          {
            "db": "JVN",
            "id": "JVNVU91485132",
            "trust": 0.8
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800",
            "trust": 0.8
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538",
            "trust": 0.7
          },
          {
            "db": "PACKETSTORM",
            "id": "138299",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "138014",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "138070",
            "trust": 0.2
          },
          {
            "db": "PACKETSTORM",
            "id": "138295",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "143933",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138298",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "139744",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138297",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138296",
            "trust": 0.1
          },
          {
            "db": "VULHUB",
            "id": "VHN-94204",
            "trust": 0.1
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-5385",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "138136",
            "trust": 0.1
          },
          {
            "db": "PACKETSTORM",
            "id": "140515",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#797896"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "PACKETSTORM",
            "id": "138070"
          },
          {
            "db": "PACKETSTORM",
            "id": "138014"
          },
          {
            "db": "PACKETSTORM",
            "id": "138299"
          },
          {
            "db": "PACKETSTORM",
            "id": "138136"
          },
          {
            "db": "PACKETSTORM",
            "id": "140515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "id": "VAR-201607-0657",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          }
        ],
        "trust": 0.01
      },
      "last_update_date": "2024-07-23T20:03:59.307000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "FEDORA-2016-4e7db3d437",
            "trust": 0.8,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kzoiuyzdbwnddhc6xtolzyrmrxzwtjcp/"
          },
          {
            "title": "FEDORA-2016-8eb11666aa",
            "trust": 0.8,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rmyxavnyl2mobjtfate73tovoezyc5r/"
          },
          {
            "title": "FEDORA-2016-9c8cf5912c",
            "trust": 0.8,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/gxfeimzpsvgzqqayiq7u7dfvx3ibsdlf/"
          },
          {
            "title": "HPSBMU03653",
            "trust": 0.8,
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05320149"
          },
          {
            "title": "HPSBST03671",
            "trust": 0.8,
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05333297"
          },
          {
            "title": "NV16-020",
            "trust": 0.8,
            "url": "http://jpn.nec.com/security-info/secinfo/nv16-020.html"
          },
          {
            "title": "Oracle Linux Bulletin - July 2016",
            "trust": 0.8,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "title": "Bug 1353794",
            "trust": 0.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
          },
          {
            "title": "RHSA-2016:1609",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1609.html"
          },
          {
            "title": "RHSA-2016:1610",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1610.html"
          },
          {
            "title": "RHSA-2016:1611",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1611.html"
          },
          {
            "title": "RHSA-2016:1612",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1612.html"
          },
          {
            "title": "RHSA-2016:1613",
            "trust": 0.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1613.html"
          },
          {
            "title": "Top Page",
            "trust": 0.8,
            "url": "http://php.net/"
          },
          {
            "title": "TLSA-2016-19",
            "trust": 0.8,
            "url": "http://www.turbolinux.co.jp/security/2016/tlsa-2016-19j.html"
          },
          {
            "title": "PHP CGI Web server httpoxy Security vulnerabilities",
            "trust": 0.6,
            "url": "http://123.124.177.30/web/xxk/bdxqbyid.tag?id=62998"
          },
          {
            "title": "The Register",
            "trust": 0.2,
            "url": "https://www.theregister.co.uk/2016/07/18/httpoxy_hole/"
          },
          {
            "title": "Amazon Linux AMI: ALAS-2016-728",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami\u0026qid=alas-2016-728"
          },
          {
            "title": "Ubuntu Security Notice: php5, php7.0 vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=usn-3045-1"
          },
          {
            "title": "Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - July 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins\u0026qid=a22ad41e97bbfc5abb0bb927bf43089c"
          },
          {
            "title": "Forcepoint Security Advisories: HTTPoxy CGI HTTP_PROXY Variable Multiple Vulnerabilities",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=forcepoint_security_advisories\u0026qid=47734ce563632c9864b0b698ae37ddf9"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - July 2017",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=2f446a7e1ea263c0c3a365776c6713f2"
          },
          {
            "title": "Oracle Linux Bulletins: Oracle Linux Bulletin - July 2016",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_linux_bulletins\u0026qid=0bd8c924b56aac98dda0f5b45f425f38"
          },
          {
            "title": "Oracle: Oracle Critical Patch Update Advisory - January 2018",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=oracle_advisories\u0026qid=e2a7f287e9acc8c64ab3df71130bc64d"
          },
          {
            "title": "bach",
            "trust": 0.1,
            "url": "https://github.com/sonatype-nexus-community/bach "
          },
          {
            "title": "bach",
            "trust": 0.1,
            "url": "https://github.com/ossindex/bach "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/live-hack-cve/cve-2016-5385 "
          },
          {
            "title": "jbot",
            "trust": 0.1,
            "url": "https://github.com/jschauma/jbot "
          },
          {
            "title": "CVE-2016-5385",
            "trust": 0.1,
            "url": "https://github.com/aipocai/cve-2016-5385 "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/chaplean/nginx-proxy "
          },
          {
            "title": "nginx-proxy2",
            "trust": 0.1,
            "url": "https://github.com/corzel/nginx-proxy2 "
          },
          {
            "title": "Test",
            "trust": 0.1,
            "url": "https://github.com/abhinav4git/test "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/jwilder/nginx-proxy "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/gloveofgames/hehe "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/jquepi/nginx-proxy-2 "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/lemonhope-mz/replica_nginx-proxy "
          },
          {
            "title": "reto-ejercicio1",
            "trust": 0.1,
            "url": "https://github.com/quiriancordova/reto-ejercicio1 "
          },
          {
            "title": "nginx",
            "trust": 0.1,
            "url": "https://github.com/ratika-web/nginx "
          },
          {
            "title": "docker-nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/codekoalas/docker-nginx-proxy "
          },
          {
            "title": "jwilder-nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/linguamerica/jwilder-nginx-proxy "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/abhi1693/nginx-proxy "
          },
          {
            "title": "DockerProject",
            "trust": 0.1,
            "url": "https://github.com/antoinechab/dockerproject "
          },
          {
            "title": "plonevhost",
            "trust": 0.1,
            "url": "https://github.com/alteroo/plonevhost "
          },
          {
            "title": "nginx-proxy-docker-image-builder",
            "trust": 0.1,
            "url": "https://github.com/expoli/nginx-proxy-docker-image-builder "
          },
          {
            "title": "reto-ejercicio3",
            "trust": 0.1,
            "url": "https://github.com/quiriancordova/reto-ejercicio3 "
          },
          {
            "title": "nginx",
            "trust": 0.1,
            "url": "https://github.com/isaiahweeks/nginx "
          },
          {
            "title": "docker-dev-tools-proxy",
            "trust": 0.1,
            "url": "https://github.com/antimatter-studios/docker-dev-tools-proxy "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/nginx-proxy/nginx-proxy "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/bfirestone/nginx-proxy "
          },
          {
            "title": "nginx-oidc-proxy",
            "trust": 0.1,
            "url": "https://github.com/garnser/nginx-oidc-proxy "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/vitasl/nginx-proxy "
          },
          {
            "title": "nginx-proxy-docker-image-builder",
            "trust": 0.1,
            "url": "https://github.com/expoli/nginx-proxy-docker-image "
          },
          {
            "title": "docker-proxy",
            "trust": 0.1,
            "url": "https://github.com/antimatter-studios/docker-proxy "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/junkl-solbox/nginx-proxy "
          },
          {
            "title": "nginxProxy",
            "trust": 0.1,
            "url": "https://github.com/moewsystem/nginxproxy "
          },
          {
            "title": "kube-active-proxy",
            "trust": 0.1,
            "url": "https://github.com/adi90x/kube-active-proxy "
          },
          {
            "title": "nginx-proxy",
            "trust": 0.1,
            "url": "https://github.com/antimatter-studios/nginx-proxy "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/6d617274696e73/nginx-waf-proxy "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/mikediamanto/nginx-proxy "
          },
          {
            "title": "rancher-active-proxy",
            "trust": 0.1,
            "url": "https://github.com/adi90x/rancher-active-proxy "
          },
          {
            "title": "algm-php-vulnerability-checker",
            "trust": 0.1,
            "url": "https://github.com/timclifford/algm-php-vulnerability-checker "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/t0m4too/t0m4to "
          },
          {
            "title": "github_aquasecurity_trivy",
            "trust": 0.1,
            "url": "https://github.com/back8/github_aquasecurity_trivy "
          },
          {
            "title": "TrivyWeb",
            "trust": 0.1,
            "url": "https://github.com/korayagaya/trivyweb "
          },
          {
            "title": "Vulnerability-Scanner-for-Containers",
            "trust": 0.1,
            "url": "https://github.com/t31m0/vulnerability-scanner-for-containers "
          },
          {
            "title": "security",
            "trust": 0.1,
            "url": "https://github.com/umahari/security "
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/mohzeela/external-secret "
          },
          {
            "title": "trivy",
            "trust": 0.1,
            "url": "https://github.com/simiyo/trivy "
          },
          {
            "title": "trivy",
            "trust": 0.1,
            "url": "https://github.com/aquasecurity/trivy "
          },
          {
            "title": "trivy",
            "trust": 0.1,
            "url": "https://github.com/knqyf263/trivy "
          },
          {
            "title": "trivy",
            "trust": 0.1,
            "url": "https://github.com/siddharthraopotukuchi/trivy "
          },
          {
            "title": "Threatpost",
            "trust": 0.1,
            "url": "https://threatpost.com/cgi-script-vulnerability-httpoxy-allows-man-in-the-middle-attacks/119345/"
          }
        ],
        "sources": [
          {
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-601",
            "trust": 1.1
          },
          {
            "problemtype": "CWE-Other",
            "trust": 0.8
          },
          {
            "problemtype": "CWE-284",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.7,
            "url": "http://www.kb.cert.org/vuls/id/797896"
          },
          {
            "trust": 2.4,
            "url": "http://www.securityfocus.com/bid/91821"
          },
          {
            "trust": 2.4,
            "url": "http://www.debian.org/security/2016/dsa-3631"
          },
          {
            "trust": 2.0,
            "url": "https://httpoxy.org/"
          },
          {
            "trust": 1.9,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1613.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.securitytracker.com/id/1036335"
          },
          {
            "trust": 1.8,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/kzoiuyzdbwnddhc6xtolzyrmrxzwtjcp/"
          },
          {
            "trust": 1.8,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7rmyxavnyl2mobjtfate73tovoezyc5r/"
          },
          {
            "trust": 1.8,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/gxfeimzpsvgzqqayiq7u7dfvx3ibsdlf/"
          },
          {
            "trust": 1.8,
            "url": "https://security.gentoo.org/glsa/201611-22"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1609.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1610.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1611.html"
          },
          {
            "trust": 1.8,
            "url": "http://rhn.redhat.com/errata/rhsa-2016-1612.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html"
          },
          {
            "trust": 1.8,
            "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html"
          },
          {
            "trust": 1.8,
            "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1353794"
          },
          {
            "trust": 1.8,
            "url": "https://github.com/guzzle/guzzle/releases/tag/6.2.1"
          },
          {
            "trust": 1.8,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05320149"
          },
          {
            "trust": 1.8,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05333297"
          },
          {
            "trust": 1.8,
            "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docdisplay?docid=emr_na-c05390722"
          },
          {
            "trust": 1.8,
            "url": "https://www.drupal.org/sa-core-2016-003"
          },
          {
            "trust": 1.8,
            "url": "http://lists.opensuse.org/opensuse-updates/2016-08/msg00003.html"
          },
          {
            "trust": 1.7,
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026docid=emr_na-hpesbhf03770en_us"
          },
          {
            "trust": 1.6,
            "url": "https://www.apache.org/security/asf-httpoxy-response.txt"
          },
          {
            "trust": 0.9,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-5385"
          },
          {
            "trust": 0.8,
            "url": "https://tools.ietf.org/html/rfc3875"
          },
          {
            "trust": 0.8,
            "url": "https://httpoxy.org"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/807.html"
          },
          {
            "trust": 0.8,
            "url": "https://cwe.mitre.org/data/definitions/454.html"
          },
          {
            "trust": 0.8,
            "url": "http://jvn.jp/cert/jvnvu91485132"
          },
          {
            "trust": 0.8,
            "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-5385"
          },
          {
            "trust": 0.7,
            "url": "https://access.redhat.com/security/cve/cve-2016-5385"
          },
          {
            "trust": 0.6,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7rmyxavnyl2mobjtfate73tovoezyc5r/"
          },
          {
            "trust": 0.6,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/gxfeimzpsvgzqqayiq7u7dfvx3ibsdlf/"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2016:1613"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2016:1612"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2016:1611"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2016:1610"
          },
          {
            "trust": 0.6,
            "url": "https://access.redhat.com/errata/rhsa-2016:1609"
          },
          {
            "trust": 0.6,
            "url": "httpoxy.org/"
          },
          {
            "trust": 0.6,
            "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/kzoiuyzdbwnddhc6xtolzyrmrxzwtjcp/"
          },
          {
            "trust": 0.5,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5385"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5399"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6294"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6289"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6297"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6291"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6292"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6295"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6296"
          },
          {
            "trust": 0.3,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6290"
          },
          {
            "trust": 0.2,
            "url": "https://php.net/changelog-5.php#5.6.24"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6207"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5093"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5772"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5771"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5768"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5094"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5769"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5773"
          },
          {
            "trust": 0.2,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5096"
          },
          {
            "trust": 0.1,
            "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?doclocale=en_us\u0026amp;docid=emr_na-hpesbhf03770en_us"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/601.html"
          },
          {
            "trust": 0.1,
            "url": "https://github.com/sonatype-nexus-community/bach"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/faq"
          },
          {
            "trust": 0.1,
            "url": "https://www.debian.org/security/"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com"
          },
          {
            "trust": 0.1,
            "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-6207"
          },
          {
            "trust": 0.1,
            "url": "http://osuosl.org)"
          },
          {
            "trust": 0.1,
            "url": "http://slackware.com/gpg-key"
          },
          {
            "trust": 0.1,
            "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
          },
          {
            "trust": 0.1,
            "url": "https://bugzilla.redhat.com/):"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/key/"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/articles/11258"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/updates/classification/#moderate"
          },
          {
            "trust": 0.1,
            "url": "https://access.redhat.com/security/team/contact/"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/php5/5.3.10-1ubuntu3.24"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6288"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/php7.0/7.0.8-0ubuntu0.16.04.2"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8935"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5114"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-4116"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8876"
          },
          {
            "trust": 0.1,
            "url": "https://launchpad.net/ubuntu/+source/php5/5.5.9+dfsg-1ubuntu4.19"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5095"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2015-8873"
          },
          {
            "trust": 0.1,
            "url": "http://www.ubuntu.com/usn/usn-3045-1"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c05333297"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2013-7456"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5770"
          },
          {
            "trust": 0.1,
            "url": "http://www.hpe.com/support/security_bulletin_archive"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-3074"
          },
          {
            "trust": 0.1,
            "url": "http://www.hpe.com/support/subscriber_choice"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5767"
          },
          {
            "trust": 0.1,
            "url": "https://h20564.www2.hpe.com/hpsc/doc/public/display?docid=emr_na-c01345499"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-6293"
          },
          {
            "trust": 0.1,
            "url": "https://www.hpe.com/info/report-security-vulnerability"
          },
          {
            "trust": 0.1,
            "url": "http://www.hpe.com/support/msl6480\u003e"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2016-5766"
          }
        ],
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#797896"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "PACKETSTORM",
            "id": "138070"
          },
          {
            "db": "PACKETSTORM",
            "id": "138014"
          },
          {
            "db": "PACKETSTORM",
            "id": "138299"
          },
          {
            "db": "PACKETSTORM",
            "id": "138136"
          },
          {
            "db": "PACKETSTORM",
            "id": "140515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CERT/CC",
            "id": "VU#797896"
          },
          {
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "db": "PACKETSTORM",
            "id": "138070"
          },
          {
            "db": "PACKETSTORM",
            "id": "138014"
          },
          {
            "db": "PACKETSTORM",
            "id": "138299"
          },
          {
            "db": "PACKETSTORM",
            "id": "138136"
          },
          {
            "db": "PACKETSTORM",
            "id": "140515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          },
          {
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-07-18T00:00:00",
            "db": "CERT/CC",
            "id": "VU#797896"
          },
          {
            "date": "2016-07-19T00:00:00",
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "date": "2016-07-19T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "date": "2016-07-25T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "date": "2016-07-27T14:25:39",
            "db": "PACKETSTORM",
            "id": "138070"
          },
          {
            "date": "2016-07-22T22:42:48",
            "db": "PACKETSTORM",
            "id": "138014"
          },
          {
            "date": "2016-08-12T18:03:29",
            "db": "PACKETSTORM",
            "id": "138299"
          },
          {
            "date": "2016-08-02T22:59:53",
            "db": "PACKETSTORM",
            "id": "138136"
          },
          {
            "date": "2017-01-15T23:24:00",
            "db": "PACKETSTORM",
            "id": "140515"
          },
          {
            "date": "2016-07-19T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          },
          {
            "date": "2016-07-19T02:00:17.773000",
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2016-07-19T00:00:00",
            "db": "CERT/CC",
            "id": "VU#797896"
          },
          {
            "date": "2023-02-12T00:00:00",
            "db": "VULHUB",
            "id": "VHN-94204"
          },
          {
            "date": "2023-02-12T00:00:00",
            "db": "VULMON",
            "id": "CVE-2016-5385"
          },
          {
            "date": "2016-12-27T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2016-003800"
          },
          {
            "date": "2023-04-03T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          },
          {
            "date": "2023-02-12T23:23:28.023000",
            "db": "NVD",
            "id": "CVE-2016-5385"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "PACKETSTORM",
            "id": "138299"
          },
          {
            "db": "PACKETSTORM",
            "id": "138136"
          },
          {
            "db": "PACKETSTORM",
            "id": "140515"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          }
        ],
        "trust": 0.9
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables",
        "sources": [
          {
            "db": "CERT/CC",
            "id": "VU#797896"
          }
        ],
        "trust": 0.8
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201607-538"
          }
        ],
        "trust": 0.6
      }
    }

    VAR-201904-0995

    Vulnerability from variot - Updated: 2024-06-12 22:59

    lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit. ** Unsettled ** This case has not been confirmed as a vulnerability. lighttpd Contains an integer overflow vulnerability. The vendor has disputed this vulnerability. For details, see NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2019-11072Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Lighttpd is an open source web server for German JanKneschke software developers. An input validation error vulnerability exists in versions prior to lighttpd 1.4.54. The vulnerability stems from a network system or product that does not properly validate the input data. An attacker exploited the vulnerability to cause a denial of service or code execution vulnerability. lighttpd is prone to an integer overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. An attacker can exploit this issue to crash the affected application, resulting in denial-of-service conditions. Due to the nature of this issue, arbitrary code execution may be possible but this has not been confirmed

    Show details on source website

    {
      "@context": {
        "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
        "affected_products": {
          "@id": "https://www.variotdbs.pl/ref/affected_products"
        },
        "configurations": {
          "@id": "https://www.variotdbs.pl/ref/configurations"
        },
        "credits": {
          "@id": "https://www.variotdbs.pl/ref/credits"
        },
        "cvss": {
          "@id": "https://www.variotdbs.pl/ref/cvss/"
        },
        "description": {
          "@id": "https://www.variotdbs.pl/ref/description/"
        },
        "exploit_availability": {
          "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
        },
        "external_ids": {
          "@id": "https://www.variotdbs.pl/ref/external_ids/"
        },
        "iot": {
          "@id": "https://www.variotdbs.pl/ref/iot/"
        },
        "iot_taxonomy": {
          "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
        },
        "patch": {
          "@id": "https://www.variotdbs.pl/ref/patch/"
        },
        "problemtype_data": {
          "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
        },
        "references": {
          "@id": "https://www.variotdbs.pl/ref/references/"
        },
        "sources": {
          "@id": "https://www.variotdbs.pl/ref/sources/"
        },
        "sources_release_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
        },
        "sources_update_date": {
          "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
        },
        "threat_type": {
          "@id": "https://www.variotdbs.pl/ref/threat_type/"
        },
        "title": {
          "@id": "https://www.variotdbs.pl/ref/title/"
        },
        "type": {
          "@id": "https://www.variotdbs.pl/ref/type/"
        }
      },
      "@id": "https://www.variotdbs.pl/vuln/VAR-201904-0995",
      "affected_products": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "model": "lighttpd",
            "scope": "lte",
            "trust": 1.0,
            "vendor": "lighttpd",
            "version": "1.4.53"
          },
          {
            "model": "lighttpd",
            "scope": "lt",
            "trust": 0.8,
            "vendor": "lighttpd",
            "version": "1.4.54"
          },
          {
            "model": "kneschke lighttpd",
            "scope": "lt",
            "trust": 0.6,
            "vendor": "jan",
            "version": "1.4.54"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.5"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.32"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.31"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.30"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.26"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.25"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.24"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.23"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.20"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.19"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.18"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.17"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.16"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.15"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.14"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.13"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.12"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.11"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.10"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.9"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.8"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.7"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.6"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.5"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.4"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.3"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.2"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.1"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.3.10"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.3.8"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.3.7"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.35"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.34"
          },
          {
            "model": "lighttpd",
            "scope": "eq",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.33"
          },
          {
            "model": "lighttpd",
            "scope": "ne",
            "trust": 0.3,
            "vendor": "lighttpd",
            "version": "1.4.54"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "BID",
            "id": "107907"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "configurations": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/configurations#",
          "children": {
            "@container": "@list"
          },
          "cpe_match": {
            "@container": "@list"
          },
          "data": {
            "@container": "@list"
          },
          "nodes": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "CVE_data_version": "4.0",
            "nodes": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "versionEndIncluding": "1.4.53",
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "credits": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/credits#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Stephan Zeisberg",
        "sources": [
          {
            "db": "BID",
            "id": "107907"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          }
        ],
        "trust": 0.9
      },
      "cve": "CVE-2019-11072",
      "cvss": {
        "@context": {
          "cvssV2": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
          },
          "cvssV3": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
          },
          "severity": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/cvss/severity#"
            },
            "@id": "https://www.variotdbs.pl/ref/cvss/severity"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            },
            "@id": "https://www.variotdbs.pl/ref/sources"
          }
        },
        "data": [
          {
            "cvssV2": [
              {
                "acInsufInfo": false,
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "NVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "obtainAllPrivilege": false,
                "obtainOtherPrivilege": false,
                "obtainUserPrivilege": false,
                "severity": "HIGH",
                "trust": 1.0,
                "userInteractionRequired": false,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "acInsufInfo": null,
                "accessComplexity": "Low",
                "accessVector": "Network",
                "authentication": "None",
                "author": "NVD",
                "availabilityImpact": "Partial",
                "baseScore": 7.5,
                "confidentialityImpact": "Partial",
                "exploitabilityScore": null,
                "id": "CVE-2019-11072",
                "impactScore": null,
                "integrityImpact": "Partial",
                "obtainAllPrivilege": null,
                "obtainOtherPrivilege": null,
                "obtainUserPrivilege": null,
                "severity": "High",
                "trust": 0.9,
                "userInteractionRequired": null,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              },
              {
                "accessComplexity": "LOW",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "author": "CNVD",
                "availabilityImpact": "PARTIAL",
                "baseScore": 7.5,
                "confidentialityImpact": "PARTIAL",
                "exploitabilityScore": 10.0,
                "id": "CNVD-2019-13852",
                "impactScore": 6.4,
                "integrityImpact": "PARTIAL",
                "severity": "HIGH",
                "trust": 0.6,
                "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
                "version": "2.0"
              }
            ],
            "cvssV3": [
              {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "author": "NVD",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "exploitabilityScore": 3.9,
                "impactScore": 5.9,
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "trust": 1.0,
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              },
              {
                "attackComplexity": "Low",
                "attackVector": "Network",
                "author": "NVD",
                "availabilityImpact": "High",
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "confidentialityImpact": "High",
                "exploitabilityScore": null,
                "id": "CVE-2019-11072",
                "impactScore": null,
                "integrityImpact": "High",
                "privilegesRequired": "None",
                "scope": "Unchanged",
                "trust": 0.8,
                "userInteraction": "None",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            ],
            "severity": [
              {
                "author": "NVD",
                "id": "CVE-2019-11072",
                "trust": 1.8,
                "value": "CRITICAL"
              },
              {
                "author": "CNVD",
                "id": "CNVD-2019-13852",
                "trust": 0.6,
                "value": "HIGH"
              },
              {
                "author": "CNNVD",
                "id": "CNNVD-201904-539",
                "trust": 0.6,
                "value": "CRITICAL"
              },
              {
                "author": "VULMON",
                "id": "CVE-2019-11072",
                "trust": 0.1,
                "value": "HIGH"
              }
            ]
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-11072"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "description": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/description#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states \"The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd.conf). Certain input will trigger an abort() in lighttpd when that feature is enabled. lighttpd detects the underflow or realloc() will fail (in both 32-bit and 64-bit executables), also detected in lighttpd. Either triggers an explicit abort() by lighttpd. This is not exploitable beyond triggering the explicit abort() with subsequent application exit. ** Unsettled ** This case has not been confirmed as a vulnerability. lighttpd Contains an integer overflow vulnerability. The vendor has disputed this vulnerability. For details, see NVD of Current Description Please Confirm. https://nvd.nist.gov/vuln/detail/CVE-2019-11072Information is obtained, information is altered, and service operation is disrupted (DoS) There is a possibility of being put into a state. Lighttpd is an open source web server for German JanKneschke software developers. An input validation error vulnerability exists in versions prior to lighttpd 1.4.54. The vulnerability stems from a network system or product that does not properly validate the input data. An attacker exploited the vulnerability to cause a denial of service or code execution vulnerability. lighttpd is prone to an integer overflow vulnerability because it fails to adequately bounds-check user-supplied data before copying it to an insufficiently sized memory buffer. \nAn attacker can exploit this issue to crash the affected application,   resulting in denial-of-service conditions. Due to the nature of this   issue, arbitrary code execution may be possible but this has not been   confirmed",
        "sources": [
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "BID",
            "id": "107907"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-11072"
          }
        ],
        "trust": 2.52
      },
      "external_ids": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "db": "NVD",
            "id": "CVE-2019-11072",
            "trust": 3.4
          },
          {
            "db": "BID",
            "id": "107907",
            "trust": 2.6
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364",
            "trust": 0.8
          },
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852",
            "trust": 0.6
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539",
            "trust": 0.6
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-11072",
            "trust": 0.1
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-11072"
          },
          {
            "db": "BID",
            "id": "107907"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "id": "VAR-201904-0995",
      "iot": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": true,
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          }
        ],
        "trust": 1.6
      },
      "iot_taxonomy": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/iot_taxonomy#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "category": [
              "Network device"
            ],
            "sub_category": null,
            "trust": 0.6
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          }
        ]
      },
      "last_update_date": "2024-06-12T22:59:11.245000Z",
      "patch": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/patch#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "title": "[core] fix abort in http-parseopts (fixes #2945)",
            "trust": 0.8,
            "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
          },
          {
            "title": "Bug #2945",
            "trust": 0.8,
            "url": "https://redmine.lighttpd.net/issues/2945"
          },
          {
            "title": "Lighttpd enters a patch to verify the error vulnerability",
            "trust": 0.6,
            "url": "https://www.cnvd.org.cn/patchinfo/show/160987"
          },
          {
            "title": "lighttpd Enter the fix for the verification error vulnerability",
            "trust": 0.6,
            "url": "http://www.cnnvd.org.cn/web/xxk/bdxqbyid.tag?id=91354"
          },
          {
            "title": "Debian CVElist Bug Report Logs: lighttpd: CVE-2019-11072",
            "trust": 0.1,
            "url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=9b235b8ab3dbcb0acdb0f9df18f1403b"
          },
          {
            "title": "",
            "trust": 0.1,
            "url": "https://github.com/jreisinger/checkip "
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-11072"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          }
        ]
      },
      "problemtype_data": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "problemtype": "CWE-190",
            "trust": 1.8
          }
        ],
        "sources": [
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "references": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/references#",
          "data": {
            "@container": "@list"
          },
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": [
          {
            "trust": 2.3,
            "url": "http://www.securityfocus.com/bid/107907"
          },
          {
            "trust": 2.0,
            "url": "https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
          },
          {
            "trust": 1.4,
            "url": "https://redmine.lighttpd.net/issues/2945"
          },
          {
            "trust": 1.4,
            "url": "https://nvd.nist.gov/vuln/detail/cve-2019-11072"
          },
          {
            "trust": 0.8,
            "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2019-11072"
          },
          {
            "trust": 0.6,
            "url": "httpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354"
          },
          {
            "trust": 0.6,
            "url": "httpd/lig"
          },
          {
            "trust": 0.6,
            "url": "https://github.com/lig"
          },
          {
            "trust": 0.6,
            "url": "httpd.net/issues/2945"
          },
          {
            "trust": 0.6,
            "url": "https://redmine.lig"
          },
          {
            "trust": 0.6,
            "url": "http://www.lig"
          },
          {
            "trust": 0.6,
            "url": "httpd.net/versions/55"
          },
          {
            "trust": 0.6,
            "url": "httpd-denial-of-service-via-url-path-2f-decode-29025"
          },
          {
            "trust": 0.6,
            "url": "https://vigilance.fr/vulnerability/lig"
          },
          {
            "trust": 0.3,
            "url": "https://redmine.lighttpd.net/versions/55"
          },
          {
            "trust": 0.3,
            "url": "http://www.lighttpd.net/"
          },
          {
            "trust": 0.1,
            "url": "https://cwe.mitre.org/data/definitions/190.html"
          },
          {
            "trust": 0.1,
            "url": "https://tools.cisco.com/security/center/viewalert.x?alertid=60000"
          },
          {
            "trust": 0.1,
            "url": "https://nvd.nist.gov"
          }
        ],
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-11072"
          },
          {
            "db": "BID",
            "id": "107907"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "sources": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "VULMON",
            "id": "CVE-2019-11072"
          },
          {
            "db": "BID",
            "id": "107907"
          },
          {
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          },
          {
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "sources_release_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "date": "2019-04-10T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-11072"
          },
          {
            "date": "2019-04-09T00:00:00",
            "db": "BID",
            "id": "107907"
          },
          {
            "date": "2019-05-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "date": "2019-04-10T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          },
          {
            "date": "2019-04-10T22:29:00.267000",
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "sources_update_date": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
          "data": {
            "@container": "@list"
          }
        },
        "data": [
          {
            "date": "2019-05-13T00:00:00",
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "date": "2023-11-07T00:00:00",
            "db": "VULMON",
            "id": "CVE-2019-11072"
          },
          {
            "date": "2019-04-09T00:00:00",
            "db": "BID",
            "id": "107907"
          },
          {
            "date": "2019-05-15T00:00:00",
            "db": "JVNDB",
            "id": "JVNDB-2019-003364"
          },
          {
            "date": "2019-04-24T00:00:00",
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          },
          {
            "date": "2024-06-11T21:15:51.510000",
            "db": "NVD",
            "id": "CVE-2019-11072"
          }
        ]
      },
      "threat_type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "remote",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          }
        ],
        "trust": 0.6
      },
      "title": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/title#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "Lighttpd input validation error vulnerability",
        "sources": [
          {
            "db": "CNVD",
            "id": "CNVD-2019-13852"
          },
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          }
        ],
        "trust": 1.2
      },
      "type": {
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/type#",
          "sources": {
            "@container": "@list",
            "@context": {
              "@vocab": "https://www.variotdbs.pl/ref/sources#"
            }
          }
        },
        "data": "input validation error",
        "sources": [
          {
            "db": "CNNVD",
            "id": "CNNVD-201904-539"
          }
        ],
        "trust": 0.6
      }
    }