rPSA-2007-0145-1 lighttpd

To: security-announce@xxxxxxxxxxxxxxx, update-announce@xxxxxxxxxxxxxxx
Subject: rPSA-2007-0145-1 lighttpd
From: rPath Update Announcements <announce-noreply@xxxxxxxxx>
Date: Thu, 19 Jul 2007 07:55:21 -0400
Cc: full-disclosure@xxxxxxxxxxxxxxxxx, bugtraq@xxxxxxxxxxxxxxxxx, lwn@xxxxxxx
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
User-agent: nail 11.22 3/20/05

rPath Security Advisory: 2007-0145-1
Published: 2007-07-19
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
    Remote User Deterministic Denial of Service
Updated Versions:
    lighttpd=/conary.rpath.com@rpl:devel//1/1.4.15-0.3-1

References:
    https://issues.rpath.com/browse/RPL-1550
    https://issues.rpath.com/browse/RPL-1554

Description:
    Previous versions of the lighttpd package are vulnerable to multiple
    attacks, among which remote attackers may circumvent access-control
    settings or crash the server by issuing various malformed or malicious
    requests.  It has not been determined that these vulnerabilities can
    be exploited to execute malicious code.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

Prev by Date: [USN-489-2] redhat-cluster-suite vulnerability
Next by Date: iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability
Previous by thread: [USN-489-2] redhat-cluster-suite vulnerability
Next by thread: iDefense Security Advisory 07.19.07: Opera Software Opera Web Browser BitTorrent Dangling Pointer Vulnerability
Index(es):
- Date
- Thread