Oval Definition:oval:org.opensuse.security:def:20114362
Revision Date:2022-09-02Version:1
Title:CVE-2011-4362
Description:

Integer signedness error in the base64_decode function in the HTTP authentication functionality (http_auth.c) in lighttpd 1.4 before 1.4.30 and 1.5 before SVN revision 2806 allows remote attackers to cause a denial of service (segmentation fault) via crafted base64 input that triggers an out-of-bounds read with a negative index.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2011-4362
Mitre CVE-2011-4362
SUSE CVE-2011-4362
openSUSE-SU-2012:0240-1
openSUSE-SU-2012:0240-1
SUSE-SU-2012:0201-1
SUSE-SU-2012:0201-1
SUSE-SU-2012:0201-2
SUSE-SU-2012:0201-2
Platform(s):openSUSE 11.4
openSUSE 12.1
openSUSE 12.1 Update
openSUSE Tumbleweed
SLE SDK 10 SP4 for IBM iSeries and IBM pSeries
SLE SDK 10 SP4 for IBM zSeries
SLE SDK 10 SP4 for IPF
SLE SDK 10 SP4 for x86
SLE SDK 10 SP4 for X86-64
SUSE Lifecycle Management Server 1.1 [Appliance - Tools]
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise High Availability 12 SP2
SUSE Linux Enterprise High Availability 12 SP3
SUSE Linux Enterprise High Availability 12 SP4
SUSE Linux Enterprise High Availability 12 SP5
SUSE Linux Enterprise High Availability Extension 11 SP1
SUSE Linux Enterprise High Availability Extension 11 SP2
SUSE Linux Enterprise High Performance Computing 11 SP2
SUSE Linux Enterprise High Performance Computing 12 SP2
SUSE Linux Enterprise High Performance Computing 12 SP3
SUSE Linux Enterprise High Performance Computing 12 SP4
SUSE Linux Enterprise High Performance Computing 12 SP5
SUSE Linux Enterprise Server 11 SP2
SUSE Linux Enterprise Server 11 SP4
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP4
SUSE Linux Enterprise Server 12 SP5
SUSE Linux Enterprise Server for SAP Applications 11 SP2
SUSE Linux Enterprise Server for SAP Applications 11 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP2
SUSE Linux Enterprise Server for SAP Applications 12 SP3
SUSE Linux Enterprise Server for SAP Applications 12 SP4
SUSE Linux Enterprise Server for SAP Applications 12 SP5
SUSE Linux Enterprise Software Development Kit 11 SP1
SUSE Linux Enterprise Software Development Kit 11 SP4
SUSE Studio Onsite 1.1 [Appliance - Studio]
Product(s):
Definition Synopsis
  • SUSE Linux Enterprise High Availability Extension 11 SP2 is installed
  • AND lighttpd-1.4.20-2.46.10 is installed
    • Definition Synopsis
  • sles10-sp4-sdk is installed
  • AND Package Information
  • lighttpd-mod_cml less than 1.4.10-11.32.1
  • OR lighttpd-mod_mysql_vhost less than 1.4.10-11.32.1
  • OR lighttpd-mod_rrdtool less than 1.4.10-11.32.1
  • OR lighttpd-mod_trigger_b4_dl less than 1.4.10-11.32.1
  • OR lighttpd-mod_webdav less than 1.4.10-11.32.1
  • OR lighttpd less than 1.4.10-11.32.1
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability Extension 11 SP2 is installed
  • AND lighttpd-1.4.20-2.46 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND
  • lighttpd-1.4.20-2.54 is installed
  • OR lighttpd-mod_cml-1.4.20-2.54 is installed
  • OR lighttpd-mod_magnet-1.4.20-2.54 is installed
  • OR lighttpd-mod_mysql_vhost-1.4.20-2.54 is installed
  • OR lighttpd-mod_rrdtool-1.4.20-2.54 is installed
  • OR lighttpd-mod_trigger_b4_dl-1.4.20-2.54 is installed
  • OR lighttpd-mod_webdav-1.4.20-2.54 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP4 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP4 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND lighttpd-1.4.35-3 is installed
    • Definition Synopsis
  • openSUSE Tumbleweed is installed
  • AND Package Information
  • lighttpd-1.4.37-1.6 is installed
  • OR lighttpd-mod_cml-1.4.37-1.6 is installed
  • OR lighttpd-mod_geoip-1.4.37-1.6 is installed
  • OR lighttpd-mod_magnet-1.4.37-1.6 is installed
  • OR lighttpd-mod_mysql_vhost-1.4.37-1.6 is installed
  • OR lighttpd-mod_rrdtool-1.4.37-1.6 is installed
  • OR lighttpd-mod_trigger_b4_dl-1.4.37-1.6 is installed
  • OR lighttpd-mod_webdav-1.4.37-1.6 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability Extension 11 SP2 is installed
  • AND lighttpd-1.4.20-2.46.10 is installed
  • OR Package Information
  • SUSE Linux Enterprise Software Development Kit 11 SP4 is installed
  • AND
  • lighttpd-1.4.20-2.54.1 is installed
  • OR lighttpd-mod_cml-1.4.20-2.54.1 is installed
  • OR lighttpd-mod_magnet-1.4.20-2.54.1 is installed
  • OR lighttpd-mod_mysql_vhost-1.4.20-2.54.1 is installed
  • OR lighttpd-mod_rrdtool-1.4.20-2.54.1 is installed
  • OR lighttpd-mod_trigger_b4_dl-1.4.20-2.54.1 is installed
  • OR lighttpd-mod_webdav-1.4.20-2.54.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP3 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP4 is installed
  • OR SUSE Linux Enterprise High Availability 12 SP5 is installed
  • AND lighttpd-1.4.35-3.1 is installed
  • OR Package Information
  • SUSE Linux Enterprise High Availability 12 SP2 is installed
  • AND lighttpd-1.4.35-1.34 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP5 is installed
  • OR SUSE Linux Enterprise High Performance Computing 12 SP5 is installed
  • OR SUSE Linux Enterprise Server 12 SP5 is installed
  • AND lighttpd-1.4.35-3.1 is installed
    • Definition Synopsis
  • Release Information
  • SUSE Linux Enterprise High Availability 12 SP4 is installed
  • OR SUSE Linux Enterprise High Performance Computing 12 SP4 is installed
  • OR SUSE Linux Enterprise Server 12 SP4 is installed
  • AND lighttpd-1.4.35-3.1 is installed
    • BACK