General

Profile

stze

  • Registered on: 2017-05-06
  • Last connection: 2019-04-11

Issues

Activity

2019-04-11

14:59 Lighttpd Bug #2945: Security - SIGABRT during GET request handling with url-path-2f-decode enabled
@gstrauss. The score is set by Mitre, not by me. I just issued the cve request and also mentioned that it is only exp...
06:36 Lighttpd Bug #2945: Security - SIGABRT during GET request handling with url-path-2f-decode enabled
tracked as CVE-2019-11072

2019-04-09

14:49 Lighttpd Bug #2945: Security - SIGABRT during GET request handling with url-path-2f-decode enabled
One more information. The issue looks like it's an int overflow in buffer_copy_string_len:
buffer_copy_string_len(...
14:05 Lighttpd Bug #2945 (Fixed): Security - SIGABRT during GET request handling with url-path-2f-decode enabled
Dear lighttpd team —
I have detected a SIGABRT during handling a malicious GET request with option url-path-2f-dec...

2017-05-06

08:31 Lighttpd Bug #2810 (Fixed): Missing array entry type check in config_insert (configfile.c), SIGSEGV
Hello,
opening the attached sample config input file with lighttpd results in a
crash (SIGSEGV). The input file ...
08:26 Lighttpd Bug #2809 (Fixed): Memory corruption in yy_reduce (configparser.y), SIGSEGV
Hello,
opening the attached sample config input file with lighttpd results in a
crash (SIGSEGV). The input file ...

Also available in: Atom