CVE-2010-0295
Get alerts for future matching vulnerabilitiesLog in to subscribe
I. Basic Information for CVE-2010-0295
Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗ Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
lighttpd畸形HTTP请求远程拒绝服务漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
lighttpd是德国软件开发者Jan Kneschke所研发的一款开源的Web服务器,它的主要特点是仅需少量的内存及CPU资源即可达到同类网页服务器的性能。 Lighttpd服务器每次接收到网络报文都会分配4K或16K的堆内存,如果远程攻击者缓慢的发送HTTP请求(如每秒钟发送1字节),就会耗尽所有可用内存导致服务器终止。
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)
Affected Products
| Vendor | Product | Affected Versions | CPE | Subscribe |
|---|---|---|---|---|
| - | n/a | n/a | - |
II. Public POCs for CVE-2010-0295
| # | POC Description | Source Link | Shenlong Link |
|---|
AI-Generated POCPremium
No public POC found.
Login to generate AI POCIII. Intelligence Information for CVE-2010-0295
Please Login to view more intelligence information
- http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2710x_refsource_CONFIRM
- http://blogs.sun.com/security/entry/cve_2010_0295_vulnerability_inx_refsource_CONFIRM
- http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txtx_refsource_CONFIRM
- http://redmine.lighttpd.net/projects/lighttpd/repository/revisions/2711x_refsource_CONFIRM
- http://redmine.lighttpd.net/issues/2147x_refsource_CONFIRM
- http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041264.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.fedoraproject.org/pipermail/package-announce/2010-May/041296.htmlvendor-advisoryx_refsource_FEDORA
- http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00003.htmlvendor-advisoryx_refsource_SUSE
- https://nvd.nist.gov/vuln/detail/CVE-2010-0295
Same Patch Batch · n/a · 2010-02-03 · 12 CVEs total
| CVE-2009-3387 | Mozilla Bugzilla组选择信息泄露漏洞 | |
| CVE-2009-3989 | Mozilla Bugzilla目录访问信息泄露漏洞 | |
| CVE-2010-0038 | Apple iPhone 操作系统 USB控制消息信息泄露漏洞 | |
| CVE-2010-0305 | Process-One ejabberd ‘ejabberd_c2s.erl’拒绝服务漏洞 | |
| CVE-2010-0496 | FreeBit ServersMan服务器 HEAD请求拒绝服务攻击漏洞 | |
| CVE-2009-4184 | HP企业集群管理大师工具包 权限提升漏洞 | |
| CVE-2010-0185 | Adobe ColdFusion Solr服务信息泄露漏洞 | |
| CVE-2010-0304 | Wireshark LWRES协议解析模块栈溢出漏洞 | |
| CVE-2010-0308 | Squid-Cache特制DNS报文远程拒绝服务漏洞 | |
| CVE-2010-0440 | Cisco Secure Desktop translation参数跨站脚本漏洞 | |
| CVE-2010-0453 | Sun Solaris CODE_GET_VERSION IOCTL本地拒绝服务漏洞 |
IV. Related Vulnerabilities
Same vendor: n/a
- CVE-2026-8250
Open5GS SMF n4-build.c smf_n4_build_qos_flow_to_modify_list - CVE-2026-8249
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8248
Open5GS SMF npcf-handler.c update_authorized_pcc_rule_and_qo - CVE-2026-8226
Open5GS types.c ogs_pcc_rule_install_flow_from_media denial - CVE-2026-8225
Open5GS delete Endpoint sm-sm.c pcf_npcf_smpolicycontrol_han
V. Comments for CVE-2010-0295
No comments yet