CVE-2011-4362

EPSS 16.2%

Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index.

Affected products

n/a · n/a

public PoCs found — 2

cve_referencewww.exploit-db.com/exploits/18295unverified exploitdbwww.exploit-db.com/exploits/18295unverified

⚠ Public resources, to assess the exposure of systems you control or are authorized to test. Test only with authorization.

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://archives.neohapsis.com/archives/bugtraq/2011-12/0167.html http://blog.pi3.com.pl/?p=277 http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2011_01.txt http://jvn.jp/en/jp/JVN37417423/index.html http://redmine.lighttpd.net/issues/2370 https://bugzilla.redhat.com/show_bug.cgi?id=758624 http://secunia.com/advisories/47260 https://exchange.xforce.ibmcloud.com/vulnerabilities/71536 http://www.debian.org/security/2011/dsa-2368 http://www.exploit-db.com/exploits/18295 http://www.openwall.com/lists/oss-security/2011/11/29/13 http://www.openwall.com/lists/oss-security/2011/11/29/8