Back to search
CVE-2007-3947
Published: Jul 24, 2007
Modified: Aug 7, 2024
PUBLISHED
Description
request.c in lighttpd 1.4.15 allows remote attackers to cause a denial of service (daemon crash) by sending an HTTP request with duplicate headers, as demonstrated by a request containing two Location header lines, which results in a segmentation fault.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
26158
third-party-advisory
x_refsource_SECUNIA
http://trac.lighttpd.net/trac/changeset/1869
x_refsource_MISC
38313
vdb-entry
x_refsource_OSVDB
ADV-2007-2585
vdb-entry
x_refsource_VUPEN
26130
third-party-advisory
x_refsource_SECUNIA
20070719 rPSA-2007-0145-1 lighttpd
mailing-list
x_refsource_BUGTRAQ
24967
vdb-entry
x_refsource_BID
26593
third-party-advisory
x_refsource_SECUNIA
http://trac.lighttpd.net/trac/ticket/1232
x_refsource_CONFIRM
DSA-1362
vendor-advisory
x_refsource_DEBIAN
GLSA-200708-11
vendor-advisory
x_refsource_GENTOO
SUSE-SR:2007:015
vendor-advisory
x_refsource_SUSE
26505
third-party-advisory
x_refsource_SECUNIA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now