VUL-0: CVE-2011-4362: lighttpd/mod_auth out-of-bounds read due to signedness error
This update of lighttpd fixes an out-of-bounds read due to
a signedness error which could cause a Denial of Service
(CVE-2011-4362). Additionally an option was added to honor
the server cipher order (resolves lighttpd#2364).
-
Submitted by
Adrian Schröter (adrianSuSE)
- Version 5735
Fixed bugs
bnc#733607
VUL-0: CVE-2011-4362: lighttpd/mod_auth out-of-bounds read due to signedness error
CVE#CVE-2011-4362
Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via craf
