Your message dated Fri, 27 Jul 2007 17:39:40 +0200
with message-id <[EMAIL PROTECTED]>
and subject line [pkg-lighttpd] Bug#434888: Multiple vulnerabilities [CVE-2007-3946] [CVE-2007-3947] [CVE-2007-3948] [CVE-2007-3949] [CVE-2007-3950]
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: lighttpd
Severity: critical
Tags: security

Upstream patches from Trac seem to be available from upstream.

From http://secunia.com/advisories/26130/

DESCRIPTION:
Some vulnerabilities have been reported in lighttpd, which can be
exploited by malicious people to bypass certain security restrictions
or cause a DoS (Denial of Service).

1) An error in the processing of HTTP headers can be exploited to
cause a DoS by sending duplicate HTTP headers with a trailing
whitespace character.

2) An error in mod_auth can be exploited to cause a DoS by sending
requests with the algorithm set to "MD5-sess" and without a cnonce.

3) An error when parsing Auth-Digest headers in mod_auth can
potentially be exploited to cause a DoS by sending multiple
whitespace characters.

4) An error exists in the mechanism that limits the number of active
connections. This can be exploited to cause a DoS.

5) An error exists in the processing of HTTP requests. This can be
exploited to access restricted files by adding a "/" to an URL.

6) An error exists in mod_scgi. This can be exploited to cause a DoS
by sending a SCGI request and closing the connection while lighttpd
processes the request.

The vulnerabilities are reported in lighttpd-1.4.15. Previous
versions may also be affected.

SOLUTION:
Fixed in the developer branch.

1) http://trac.lighttpd.net/trac/changeset/1869?format=diff&new=1869
2), 3) http://trac.lighttpd.net/trac/changeset/1875?format=diff&new=1875
4) http://trac.lighttpd.net/trac/changeset/1873?format=diff&new=1873
5) http://trac.lighttpd.net/trac/changeset/1871?format=diff&new=1871
6) http://trac.lighttpd.net/trac/changeset/1882?format=diff&new=1882

ORIGINAL ADVISORY:
1) http://trac.lighttpd.net/trac/ticket/1232
2, 3) http://trac.lighttpd.net/trac/changeset/1875
4) http://trac.lighttpd.net/trac/ticket/1216
5) http://trac.lighttpd.net/trac/ticket/1230
6) http://trac.lighttpd.net/trac/ticket/1263


-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (900, 'unstable'), (5, 'experimental')
Architecture: i386 (i686)

Kernel: Linux 2.6.22-rc1 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash


--- End Message ---
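Items 2 and 3 of the advisory quoted above both describe mod_auth's Digest parser being driven into a crash by input it should simply have refused: an algorithm=MD5-sess request that carries no cnonce, and runs of whitespace inside the Authorization value. The block below is an added example, not lighttpd's code and not taken from the Secunia advisory or the Trac changesets, showing what a defensive Digest parser and validator look like: every field the RFC 2617 computation consumes is checked for presence before it is used, any syntax error yields a rejection instead of an exception, and a correct MD5 or MD5-sess exchange still verifies. The realm "example", the account alice/s3cret, the nonce "abc" and the sample header strings are all constructed for the demo; nonce issuance and freshness tracking, which a real server must do, are left out.

```python
import hashlib
import hmac
import re

REALM = "example"              # constructed: realm of the protected area
USERS = {"alice": "s3cret"}    # constructed: one test account

_SCHEME = re.compile(r'[Dd][Ii][Gg][Ee][Ss][Tt](?:[ \t]+|$)')
_SEP = re.compile(r'[ \t,]*')            # blanks and empty list elements
_AFTER = re.compile(r'[ \t]*(?:,|$)')    # the only things allowed after a pair
# One name=value pair: quoted-string (backslash escapes) or bare token.
_PAIR = re.compile(r'([A-Za-z][A-Za-z0-9_-]*)[ \t]*=[ \t]*'
                   r'(?:"((?:[^"\\]|\\.)*)"|([^\s",]+))')


def _md5hex(s):
    return hashlib.md5(s.encode("utf-8")).hexdigest()


def parse_digest(header):
    """Parse an 'Authorization: Digest ...' value into a dict; None on any
    syntax error (never raise). Duplicate parameters are rejected outright."""
    m = _SCHEME.match(header or "")
    if m is None:
        return None
    pos, params = m.end(), {}
    while True:
        pos = _SEP.match(header, pos).end()
        if pos == len(header):
            return params
        m = _PAIR.match(header, pos)
        if m is None:
            return None
        name = m.group(1).lower()
        if name in params:
            return None
        if m.group(2) is not None:
            params[name] = re.sub(r'\\(.)', r'\1', m.group(2))
        else:
            params[name] = m.group(3)
        after = _AFTER.match(header, m.end())
        if after is None:
            return None
        pos = after.end()


def _response(username, password, method, uri, nonce, algorithm, qop, cnonce, nc):
    """RFC 2617 request-digest for MD5 / MD5-sess, with or without qop=auth."""
    ha1 = _md5hex(f"{username}:{REALM}:{password}")
    if algorithm == "MD5-SESS":
        ha1 = _md5hex(f"{ha1}:{nonce}:{cnonce}")   # consumes cnonce: check it first
    ha2 = _md5hex(f"{method}:{uri}")
    if qop:
        return _md5hex(f"{ha1}:{nonce}:{nc}:{cnonce}:{qop}:{ha2}")
    return _md5hex(f"{ha1}:{nonce}:{ha2}")


def check_digest(params, method, password_for):
    """Validate parsed credentials -> (accepted, reason). Every field the digest
    needs is checked before use, so MD5-sess without cnonce is refused, not
    dereferenced. Nonce issuance/freshness tracking is omitted (assumption)."""
    if params is None:
        return False, "malformed header"
    for name in ("username", "realm", "nonce", "uri", "response"):
        if name not in params:
            return False, "missing " + name
    algorithm = params.get("algorithm", "MD5").upper()
    if algorithm not in ("MD5", "MD5-SESS"):
        return False, "unsupported algorithm"
    qop = params.get("qop")
    if qop is not None and qop.lower() != "auth":
        return False, "unsupported qop"
    if (algorithm == "MD5-SESS" or qop) and "cnonce" not in params:
        return False, "missing cnonce"
    if qop and "nc" not in params:
        return False, "missing nc"
    if params["realm"] != REALM:
        return False, "wrong realm"
    password = password_for(params["username"])
    if password is None:
        return False, "unknown user"
    given = params["response"].lower()
    if not re.fullmatch(r"[0-9a-f]{32}", given):   # compare_digest wants ASCII
        return False, "bad response"
    expected = _response(params["username"], password, method, params["uri"],
                         params["nonce"], algorithm, qop,
                         params.get("cnonce"), params.get("nc"))
    if not hmac.compare_digest(expected, given):
        return False, "bad response"
    return True, "ok"


def make_digest_header(username, password, method, uri, nonce, algorithm="MD5",
                       qop=None, cnonce=None, nc=None):
    """Client side: build a correct Authorization value (for demos and tests)."""
    resp = _response(username, password, method, uri, nonce,
                     algorithm.upper(), qop, cnonce, nc)
    parts = [f'username="{username}"', f'realm="{REALM}"', f'nonce="{nonce}"',
             f'uri="{uri}"', f"algorithm={algorithm}", f'response="{resp}"']
    parts += [f"qop={qop}", f"nc={nc}"] if qop else []
    parts += [f'cnonce="{cnonce}"'] if cnonce else []
    return "Digest " + ", ".join(parts)
```

To try it against the two hostile shapes from the advisory, feed check_digest(parse_digest(h), "GET", USERS.get) a header such as 'Digest username="alice", realm="example", nonce="abc", uri="/", algorithm=MD5-sess, response="00"' (refused with "missing cnonce") and one padded with runs of spaces around the "=" and "," separators (parsed normally, then refused with "bad response" because the digest is wrong). The reason string is for the server's own log; the client should only ever see the 401.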
--- Begin Message ---
Version: 1.4.16-1

On Fri, Jul 27, 2007 at 09:11:48AM -0500, Adam Majer wrote:
> Package: lighttpd
> Severity: critical
> Tags: security
> 
> Upstream patches from Trac seem to be available from upstream.
> 
> From http://secunia.com/advisories/26130/
> 
> DESCRIPTION:
> Some vulnerabilities have been reported in lighttpd, which can be
> exploited by malicious people to bypass certain security restrictions
> or cause a DoS (Denial of Service).
> 
> 1) An error in the processing of HTTP headers can be exploited to
> cause a DoS by sending duplicate HTTP headers with a trailing
> whitespace character.
> 
> 2) An error in mod_auth can be exploited to cause a DoS by sending
> requests with the algorithm set to "MD5-sess" and without a cnonce.
> 
> 3) An error when parsing Auth-Digest headers in mod_auth can
> potentially be exploited to cause a DoS by sending multiple
> whitespace characters.
> 
> 4) An error exists in the mechanism that limits the number of active
> connections. This can be exploited to cause a DoS.
> 
> 5) An error exists in the processing of HTTP requests. This can be
> exploited to access restricted files by adding a "/" to an URL.
> 
> 6) An error exists in mod_scgi. This can be exploited to cause a DoS
> by sending a SCGI request and closing the connection while lighttpd
> processes the request.
> 
> The vulnerabilities are reported in lighttpd-1.4.15. Previous
> versions may also be affected.
> 
> SOLUTION:
> Fixed in the developer branch.
> 
> 1) http://trac.lighttpd.net/trac/changeset/1869?format=diff&new=1869
> 2), 3) http://trac.lighttpd.net/trac/changeset/1875?format=diff&new=1875
> 4) http://trac.lighttpd.net/trac/changeset/1873?format=diff&new=1873
> 5) http://trac.lighttpd.net/trac/changeset/1871?format=diff&new=1871
> 6) http://trac.lighttpd.net/trac/changeset/1882?format=diff&new=1882
> 
> ORIGINAL ADVISORY:
> 1) http://trac.lighttpd.net/trac/ticket/1232
> 2, 3) http://trac.lighttpd.net/trac/changeset/1875
> 4) http://trac.lighttpd.net/trac/ticket/1216
> 5) http://trac.lighttpd.net/trac/ticket/1230
> 6) http://trac.lighttpd.net/trac/ticket/1263
> 
> 
> -- System Information:
> Debian Release: lenny/sid
>   APT prefers unstable
>   APT policy: (900, 'unstable'), (5, 'experimental')
> Architecture: i386 (i686)
> 
> Kernel: Linux 2.6.22-rc1 (SMP w/2 CPU cores)
> Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
> Shell: /bin/sh linked to /bin/bash
> 
> 
> _______________________________________________
> pkg-lighttpd-maintainers mailing list
> [EMAIL PROTECTED]
> http://lists.alioth.debian.org/mailman/listinfo/pkg-lighttpd-maintainers

-- 
·O·  Pierre Habouzit
··O                                                [EMAIL PROTECTED]
OOO                                                http://www.madism.org

Attachment: pgpbUd9KtykhN.pgp
Description: PGP signature


--- End Message ---
