Oval Definition:oval:org.opensuse.security:def:20100295
Revision Date:2022-09-02Version:1
Title:CVE-2010-0295
Description:

lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2010-0295
Mitre CVE-2010-0295
SUSE CVE-2010-0295
SUSE-SR:2010:003
SUSE-SR:2010:003
Platform(s):openSUSE 11.0
openSUSE 11.1
openSUSE 11.2
openSUSE Tumbleweed
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Performance Computing 12 SP2
SUSE Linux Enterprise High Performance Computing 12 SP3
SUSE Linux Enterprise High Performance Computing 12 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise SDK 10 SP2
SUSE Linux Enterprise SDK 10 SP3
SUSE Linux Enterprise SDK 11 GA
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 11 SP4
Product(s):
Definition Synopsis
  • Release Information
  • sles10-sp2-sdk is installed
  • AND
  • lighttpd-mod_cml less than 1.4.10-11.28.2
  • OR lighttpd-mod_mysql_vhost less than 1.4.10-11.28.2
  • OR lighttpd-mod_rrdtool less than 1.4.10-11.28.2
  • OR lighttpd-mod_trigger_b4_dl less than 1.4.10-11.28.2
  • OR lighttpd-mod_webdav less than 1.4.10-11.28.2
  • OR lighttpd less than 1.4.10-11.28.2
  • OR Package Information
  • sles10-sp3-sdk is installed
  • AND
  • lighttpd-mod_cml less than 1.4.10-11.30.1
  • OR lighttpd-mod_mysql_vhost less than 1.4.10-11.30.1
  • OR lighttpd-mod_rrdtool less than 1.4.10-11.30.1
  • OR lighttpd-mod_trigger_b4_dl less than 1.4.10-11.30.1
  • OR lighttpd-mod_webdav less than 1.4.10-11.30.1
  • OR lighttpd less than 1.4.10-11.30.1
    • Definition Synopsis
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND Package Information
  • lighttpd-1.4.20-2.54 is installed
  • OR lighttpd-mod_cml-1.4.20-2.54 is installed
  • OR lighttpd-mod_magnet-1.4.20-2.54 is installed
  • OR lighttpd-mod_mysql_vhost-1.4.20-2.54 is installed
  • OR lighttpd-mod_rrdtool-1.4.20-2.54 is installed
  • OR lighttpd-mod_trigger_b4_dl-1.4.20-2.54 is installed
  • OR lighttpd-mod_webdav-1.4.20-2.54 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP4 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • lighttpd-1.4.37-1.6 is installed
  • OR lighttpd-mod_cml-1.4.37-1.6 is installed
  • OR lighttpd-mod_geoip-1.4.37-1.6 is installed
  • OR lighttpd-mod_magnet-1.4.37-1.6 is installed
  • OR lighttpd-mod_mysql_vhost-1.4.37-1.6 is installed
  • OR lighttpd-mod_rrdtool-1.4.37-1.6 is installed
  • OR lighttpd-mod_trigger_b4_dl-1.4.37-1.6 is installed
  • OR lighttpd-mod_webdav-1.4.37-1.6 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP4 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND lighttpd-1.4.35-3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1.34 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • AND lighttpd-1.4.35-3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • AND lighttpd-1.4.35-3.1 is installed
    • BACK