← Back

CVE-2010-0295

nvd nist
Published: Feb 3, 2010Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:N/I:N/A:P
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.

Affected (62)

Products: Lighttpd: Lighttpd
Lighttpd
1 product
Lighttpd
Configuration A
62 vulnerable
Vulnerable SoftwareAffected Versions
Lighttpd
Lighttpd
Up to 1.4.25
Lighttpd
Version 1.0.2
Lighttpd
Version 1.0.3
Lighttpd
Version 1.1.0
Lighttpd
Version 1.1.1
Lighttpd
Version 1.1.2
Lighttpd
Version 1.1.3
Lighttpd
Version 1.1.4
Lighttpd
Version 1.1.5
Lighttpd
Version 1.1.6
Lighttpd
Version 1.1.7
Lighttpd
Version 1.1.8
Lighttpd
Version 1.1.9
Lighttpd
Version 1.2.0
Lighttpd
Version 1.2.1
Lighttpd
Version 1.2.2
Lighttpd
Version 1.2.3
Lighttpd
Version 1.2.5
Lighttpd
Version 1.2.6
Lighttpd
Version 1.2.7
Lighttpd
Version 1.2.8
Lighttpd
Version 1.3.0
Lighttpd
Version 1.3.10
Lighttpd
Version 1.3.11
Lighttpd
Version 1.3.12
Lighttpd
Version 1.3.13
Lighttpd
Version 1.3.14
Lighttpd
Version 1.3.15
Lighttpd
Version 1.3.16
Lighttpd
Version 1.3.1
Lighttpd
Version 1.3.2
Lighttpd
Version 1.3.3
Lighttpd
Version 1.3.4
Lighttpd
Version 1.3.5
Lighttpd
Version 1.3.6
Lighttpd
Version 1.3.8
Lighttpd
Version 1.3.9
Lighttpd
Version 1.4.0
Lighttpd
Version 1.4.10
Lighttpd
Version 1.4.11
Lighttpd
Version 1.4.12
Lighttpd
Version 1.4.13
Lighttpd
Version 1.4.14
Lighttpd
Version 1.4.15
Lighttpd
Version 1.4.16
Lighttpd
Version 1.4.17
Lighttpd
Version 1.4.18
Lighttpd
Version 1.4.19
Lighttpd
Version 1.4.20
Lighttpd
Version 1.4.21
Lighttpd
Version 1.4.22
Lighttpd
Version 1.4.23
Lighttpd
Version 1.4.24
Lighttpd
Version 1.4.2
Lighttpd
Version 1.4.3
Lighttpd
Version 1.4.4
Lighttpd
Version 1.4.5
Lighttpd
Version 1.4.6
Lighttpd
Version 1.4.7
Lighttpd
Version 1.4.8
Lighttpd
Version 1.4.9
Lighttpd
Version 1.5.0

Related CWEs

CWE-399
CWE-399

References (38)

Source: secalert@redhat.com
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Patch
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Vendor Advisory
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: secalert@redhat.com
ExploitPatch
Source: secalert@redhat.com
Source: secalert@redhat.com
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
ExploitPatch
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.