CVE-2012-5533 - Vulnerability Details - OpenCVE

The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the "Connection: TE,,Keep-Alive" header.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Lighttpd	Lighttpd

Configuration 1 [-]

OR	cpe:2.3:a:lighttpd:lighttpd:1.4.31:::::::*
	cpe:2.3:a:lighttpd:lighttpd:1.4.32:::::::*

No data.

References

Link	Providers
http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch
http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt
http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html
http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html
http://marc.info/?l=bugtraq&m=141576815022399&w=2
http://osvdb.org/87623
http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html
http://secunia.com/advisories/51268
http://secunia.com/advisories/51298
http://www.exploit-db.com/exploits/22902
http://www.mandriva.com/security/advisories?name=MDVSA-2013:100
http://www.openwall.com/lists/oss-security/2012/11/21/1
http://www.securityfocus.com/bid/56619
http://www.securitytracker.com/id?1027802
https://exchange.xforce.ibmcloud.com/vulnerabilities/80213
https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2012-11-24T20:00:00

Updated: 2024-08-06T21:05:47.345Z

Reserved: 2012-10-24T00:00:00

Link: CVE-2012-5533

Vulnrichment

No data.

NVD

Status : Deferred

Published: 2012-11-24T20:55:04.307

Modified: 2025-04-11T00:51:21.963

Link: CVE-2012-5533

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2012-11-21T00:00:00", "descriptions": [{"lang": "en", "value": "The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the \"Connection: TE,,Keep-Alive\" header."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2012/11/21/1"}, {"name": "openSUSE-SU-2012:1532", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt"}, {"name": "22902", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/22902"}, {"name": "1027802", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1027802"}, {"tags": ["x_refsource_MISC"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch"}, {"tags": ["x_refsource_MISC"], "url": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html"}, {"name": "51268", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51268"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345"}, {"name": "87623", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/87623"}, {"name": "HPSBGN03191", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2"}, {"name": "MDVSA-2013:100", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100"}, {"name": "lighttpd-httprequestsplitvalue-dos(80213)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213"}, {"name": "51298", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/51298"}, {"name": "openSUSE-SU-2014:0074", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html"}, {"name": "56619", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/56619"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2012-5533", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the \"Connection: TE,,Keep-Alive\" header."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2012/11/21/1"}, {"name": "openSUSE-SU-2012:1532", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html"}, {"name": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt", "refsource": "CONFIRM", "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt"}, {"name": "22902", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/22902"}, {"name": "1027802", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1027802"}, {"name": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch", "refsource": "MISC", "url": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch"}, {"name": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html", "refsource": "MISC", "url": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html"}, {"name": "51268", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51268"}, {"name": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345", "refsource": "CONFIRM", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345"}, {"name": "87623", "refsource": "OSVDB", "url": "http://osvdb.org/87623"}, {"name": "HPSBGN03191", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2"}, {"name": "MDVSA-2013:100", "refsource": "MANDRIVA", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100"}, {"name": "lighttpd-httprequestsplitvalue-dos(80213)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213"}, {"name": "51298", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/51298"}, {"name": "openSUSE-SU-2014:0074", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html"}, {"name": "56619", "refsource": "BID", "url": "http://www.securityfocus.com/bid/56619"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T21:05:47.345Z"}, "title": "CVE Program Container", "references": [{"name": "[oss-security] 20121121 lighttpd 1.4.32 released, fixing CVE-2012-5533", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2012/11/21/1"}, {"name": "openSUSE-SU-2012:1532", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt"}, {"name": "22902", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/22902"}, {"name": "1027802", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1027802"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html"}, {"name": "51268", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51268"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345"}, {"name": "87623", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/87623"}, {"name": "HPSBGN03191", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2"}, {"name": "MDVSA-2013:100", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100"}, {"name": "lighttpd-httprequestsplitvalue-dos(80213)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213"}, {"name": "51298", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/51298"}, {"name": "openSUSE-SU-2014:0074", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html"}, {"name": "56619", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/56619"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2012-5533", "datePublished": "2012-11-24T20:00:00", "dateReserved": "2012-10-24T00:00:00", "dateUpdated": "2024-08-06T21:05:47.345Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:lighttpd:lighttpd:1.4.31:*:*:*:*:*:*:*", "matchCriteriaId": "EEA16D25-3D16-435F-B704-50013009F0AF", "vulnerable": true}, {"criteria": "cpe:2.3:a:lighttpd:lighttpd:1.4.32:*:*:*:*:*:*:*", "matchCriteriaId": "68C9A1B6-B5B1-4208-9054-C24091D90B6F", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The http_request_split_value function in request.c in lighttpd before 1.4.32 allows remote attackers to cause a denial of service (infinite loop) via a request with a header containing an empty token, as demonstrated using the \"Connection: TE,,Keep-Alive\" header."}, {"lang": "es", "value": "La funci\u00f3n http_request_split_value en request.c en lighttpd en versiones anteriores a 1.4.32 permite a atacantes remotos provocar una denegaci\u00f3n de servicio (bucle infinito) a trav\u00e9s de una petici\u00f3n con una cabecera que contiene un token vac\u00edo, tal como se demuestra utilizando la cabecera \"Connection: TE,,Keep-Alive\"."}], "evaluatorImpact": "Per: http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt\r\n\r\n\" Affected versions\r\n-------------------\r\n\r\nOnly 1.4.31; on the other hand versions before 1.4.31 include the \"invalid read\" bug.\"", "id": "CVE-2012-5533", "lastModified": "2025-04-11T00:51:21.963", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2012-11-24T20:55:04.307", "references": [{"source": "secalert@redhat.com", "tags": ["Patch"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2"}, {"source": "secalert@redhat.com", "url": "http://osvdb.org/87623"}, {"source": "secalert@redhat.com", "url": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51268"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51298"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/22902"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100"}, {"source": "secalert@redhat.com", "url": "http://www.openwall.com/lists/oss-security/2012/11/21/1"}, {"source": "secalert@redhat.com", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/56619"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id?1027802"}, {"source": "secalert@redhat.com", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213"}, {"source": "secalert@redhat.com", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd-1.4.31_fix_connection_header_dos.patch"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2012_01.txt"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2012-11/msg00044.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://lists.opensuse.org/opensuse-updates/2014-01/msg00051.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://marc.info/?l=bugtraq&m=141576815022399&w=2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://osvdb.org/87623"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://packetstormsecurity.org/files/118282/Simple-Lighttpd-1.4.31-Denial-Of-Service.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51268"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://secunia.com/advisories/51298"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.exploit-db.com/exploits/22902"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:100"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2012/11/21/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/56619"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.securitytracker.com/id?1027802"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/80213"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://wiki.mageia.org/en/Support/Advisories/MGASA-2012-0345"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Deferred", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-399"}], "source": "nvd@nist.gov", "type": "Primary"}]}