In lighttpd 1.4.65, mod_wstunnel does not initialize a handler function pointer if an invalid HTTP request (websocket handshake) is received. It leads to null pointer dereference which crashes the server. It could be used by an external attacker to cause denial of service condition.
References
Link | Resource |
---|---|
https://lists.debian.org/debian-lts-announce/2022/10/msg00002.html | Mailing List Third Party Advisory |
https://redmine.lighttpd.net/issues/3165 | Exploit Issue Tracking Third Party Advisory |
https://security.gentoo.org/glsa/202210-12 | Third Party Advisory |
https://www.debian.org/security/2022/dsa-5243 | Mailing List Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2022-09-12T00:00:00
Updated: 2022-10-31T00:00:00
Reserved: 2022-08-08T00:00:00
Link: CVE-2022-37797
JSON object: View
NVD Information
Status : Analyzed
Published: 2022-09-12T15:15:08.170
Modified: 2022-12-03T01:11:34.457
Link: CVE-2022-37797
JSON object: View
Redhat Information
No data.
CWE