[pkg-lighttpd] Bug#434888: closed by Pierre Habouzit <madcoder at debian.org> (Re: Bug#434888: Multiple vulnerabilities [CVE-2007-3946] [CVE-2007-3947] [CVE-2007-3948] [CVE-2007-3949] [CVE-2007-3950])

Adam Majer adamm at zombino.com
Fri Jul 27 20:45:29 UTC 2007


What about Etch?


Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> #434888: Multiple vulnerabilities [CVE-2007-3946] [CVE-2007-3947] [CVE-2007-3948] [CVE-2007-3949] [CVE-2007-3950],
> which was filed against the lighttpd package.
> 
> It has been closed by Pierre Habouzit <madcoder at debian.org>.
> 
> Their explanation is attached below.  If this explanation is
> unsatisfactory and you have not received a better one in a separate
> message then please contact Pierre Habouzit <madcoder at debian.org> by replying
> to this email.
> 
> Debian bug tracking system administrator
> (administrator, Debian Bugs database)
> 
> 
> 
> ------------------------------------------------------------------------
> 
> Subject:
> Re: [pkg-lighttpd] Bug#434888: Multiple vulnerabilities [CVE-2007-3946] 
> [CVE-2007-3947] [CVE-2007-3948] [CVE-2007-3949] [CVE-2007-3950]
> From:
> Pierre Habouzit <madcoder at debian.org>
> Date:
> Fri, 27 Jul 2007 17:39:40 +0200
> To:
> 434888-done at bugs.debian.org
> 
> 
> Version: 1.4.16-1
> 
> On Fri, Jul 27, 2007 at 09:11:48AM -0500, Adam Majer wrote:
>> Package: lighttpd
>> Severity: critical
>> Tags: security
>>
>> Upstream patches from Trac seem to be available from upstream.
>>
>> From http://secunia.com/advisories/26130/
>>
>> DESCRIPTION:
>> Some vulnerabilities have been reported in lighttpd, which can be
>> exploited by malicious people to bypass certain security restrictions
>> or cause a DoS (Denial of Service).
>>
>> 1) An error in the processing of HTTP headers can be exploited to
>> cause a DoS by sending duplicate HTTP headers with a trailing
>> whitespace character.
>>
>> 2) An error in mod_auth can be exploited to cause a DoS by sending
>> requests with the algorithm set to "MD5-sess" and without a cnonce.
>>
>> 3) An error when parsing Auth-Digest headers in mod_auth can
>> potentially be exploited to cause a DoS by sending multiple
>> whitespace characters.
>>
>> 4) An error exists in the mechanism that limits the number of active
>> connections. This can be exploited to cause a DoS.
>>
>> 5) An error exists in the processing of HTTP requests. This can be
>> exploited to access restricted files by adding a "/" to a URL.
>>
>> 6) An error exists in mod_scgi. This can be exploited to cause a DoS
>> by sending a SCGI request and closing the connection while lighttpd
>> processes the request.
>>
>> The vulnerabilities are reported in lighttpd-1.4.15. Previous
>> versions may also be affected.
>>
>> SOLUTION:
>> Fixed in the developer branch.
>>
>> 1) http://trac.lighttpd.net/trac/changeset/1869?format=diff&new=1869
>> 2), 3)
>> http://trac.lighttpd.net/trac/changeset/1875?format=diff&new=1875
>> 4) http://trac.lighttpd.net/trac/changeset/1873?format=diff&new=1873
>> 5) http://trac.lighttpd.net/trac/changeset/1871?format=diff&new=1871
>> 6) http://trac.lighttpd.net/trac/changeset/1882?format=diff&new=1882
>>
>> ORIGINAL ADVISORY:
>> 1) http://trac.lighttpd.net/trac/ticket/1232
>> 2, 3) http://trac.lighttpd.net/trac/changeset/1875
>> 4) http://trac.lighttpd.net/trac/ticket/1216
>> 5) http://trac.lighttpd.net/trac/ticket/1230
>> 6) http://trac.lighttpd.net/trac/ticket/1263
>>
>>
>> -- System Information:
>> Debian Release: lenny/sid
>>   APT prefers unstable
>>   APT policy: (900, 'unstable'), (5, 'experimental')
>> Architecture: i386 (i686)
>>
>> Kernel: Linux 2.6.22-rc1 (SMP w/2 CPU cores)
>> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
>> Shell: /bin/sh linked to /bin/bash
>>
>>
>> _______________________________________________
>> pkg-lighttpd-maintainers mailing list
>> pkg-lighttpd-maintainers at lists.alioth.debian.org
>> http://lists.alioth.debian.org/mailman/listinfo/pkg-lighttpd-maintainers
> 