Home > Vulnerability Database > CVE-2007-1869

Mend.io Vulnerability Database

New vulnerability? Tell us about it!

CVE-2007-1869

Date: April 17, 2007

lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.

Severity Score

5.3

Related Resources (17)

Url: https://people.canonical.com/~ubuntu-security/cve/CVE-2007-1869

Url: http://www.lighttpd.net/assets/2007/4/13/lighttpd_sa2007_01.txt

Url: https://exchange.xforce.ibmcloud.com/vulnerabilities/33671

Url: http://www.debian.org/security/2007/dsa-1303

Url: http://security.gentoo.org/glsa/glsa-200705-07.xml

Url: http://www.vupen.com/english/advisories/2007/1399

Url: http://www.securityfocus.com/bid/23515

Url: https://nvd.nist.gov/vuln/detail/CVE-2007-1869

Url: http://www.securityfocus.com/archive/1/466464/30/6900/threaded

Url: http://secunia.com/advisories/24886

Url: http://secunia.com/advisories/25613

Url: http://secunia.com/advisories/24947

Url: https://issues.rpath.com/browse/RPL-1218

Url: http://secunia.com/advisories/25166

Url: http://www.novell.com/linux/security/advisories/2007_007_suse.html

Url: http://secunia.com/advisories/24995

Url: https://www.mend.io/vulnerability-database/CVE-2007-1869

Severity Score

5.3

CVSS v3.1

Base Score:	5.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	NONE
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	LOW

CVSS v2

Base Score:	5.0
Access Vector (AV):	NETWORK
Access Complexity (AC):	LOW
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	NONE
Availability (A):	PARTIAL
Additional information:

Do you need more information?

Contact Us