Summary
The host is running Lighttpd HTTP Server and is prone to a denial of service vulnerability.
Impact
Successful exploitation could allow attackers to cause a denial of service via crafted Connection header values.
Impact Level: Application
Solution
Upgrade to 1.4.32 or apply the patch from:
http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch
Insight
The flaw is due to an error when processing certain Connection header values, which causes the server to enter an endless loop and stop processing further requests.
Affected
Lighttpd version 1.4.31
Severity
Classification
- CVE: CVE-2012-5533
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Adobe Reader 'AcroPDF.DLL' Denial of Service Vulnerability (Linux)
- ejabberd 'client2server' Message Remote Denial of Service Vulnerability
- Apple Safari JavaScript 'Reload()' DoS Vulnerability - July09
- Firebird SQL 'op_connect_request' Denial Of Service Vulnerability (Win)
- CUPS '_cupsImageReadTIFF()' Integer Overflow Vulnerability