PT-2007-5166 · Lighttpd · Lighttpd

Published: 2007-07-23 · Updated: 2018-10-15 · CVE-2007-3946

CVSS v2.0: 6.4 (Medium) · Vector: AV:N/AC:L/Au:N/C:P/I:N/A:P
Name of the Vulnerable Software and Affected Versions: lighttpd 1.4.15 and earlier (fixed in 1.4.16).
Description: CVE-2007-3946 lets a remote, unauthenticated attacker crash the lighttpd daemon (denial of service) via unspecified vectors in mod_auth involving a memory leak, use of the MD5-sess algorithm without a cnonce directive, base64-encoded strings, and trailing whitespace in the Digest credentials a client sends in the Authorization header (the "Auth-Digest header" of the original report). Because these inputs are attacker-controlled request headers, no authentication is needed to reach the vulnerable code paths. The same release, and the Debian advisory DSA-1362-1, also address related flaws: errors in HTTP header processing and in mod_auth's Digest header parsing that can crash the daemon, and issues in the mechanism that limits the number of active connections, in HTTP request processing, and in mod_scgi that can be exploited for denial of service or to access restricted files.
Recommendations: Update lighttpd to 1.4.16 or later (on Debian, install the packages from DSA-1362-1). Note that the malformed Digest credentials (MD5-sess without a cnonce, base64 strings, trailing whitespace) are produced by the client, so no server-side setting can prevent a client from sending them; the "avoid MD5-sess without cnonce" advice applies only to the parser, which the update fixes. Until the update is applied, reduce exposure instead: do not load mod_auth and mod_scgi unless they are needed, and do not expose Digest-protected or SCGI-backed locations to untrusted networks. As defence in depth, keep a connection limit configured and restrict access to sensitive files with explicit access rules, but treat these as partial measures, since the connection-limit and request-processing code is itself affected.
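The parsing failures named in the description (trailing whitespace, MD5-sess without a cnonce, a bare base64 string where directives were expected) are all mistakes a Digest credential parser can make before it has verified anything. The following is an added example, not lighttpd's mod_auth code, showing how a hardened server-side check handles each of those inputs by returning a rejection reason instead of crashing. The credential store, realm, nonce and sample headers are constructed for the example; the hashing follows the RFC 2617 Digest computation.

```python
"""Hardened parsing and verification of HTTP Digest Authorization headers.

Added example, not lighttpd code.  Models what a mod_auth-style parser must do
before trusting anything it received: tolerate trailing whitespace, reject
MD5-sess credentials that carry no cnonce, and turn malformed input (e.g. a bare
base64 blob) into a clean rejection rather than an exception or a leak.
"""
import hashlib
import re
from typing import Dict, Optional, Tuple

# Directive grammar: name=token or name="quoted-string", comma separated.
_TOKEN = r'[^\s=,"]+'
_DIRECTIVE_RE = re.compile(
    r'\s*(' + _TOKEN + r')\s*=\s*(?:"((?:[^"\\]|\\.)*)"|(' + _TOKEN + r'))\s*(?:,|$)'
)
_REQUIRED = ("username", "realm", "nonce", "uri", "response")

# Constructed credential store and realm for the example (not real accounts).
USERS = {"alice": "correct horse battery staple"}
REALM = "example"


def _md5(s: str) -> str:
    return hashlib.md5(s.encode()).hexdigest()  # Digest auth is MD5 by specification


def parse_digest(header: str) -> Optional[Dict[str, str]]:
    """Split 'Digest k=v, ...' into a dict; return None for anything malformed."""
    scheme, _, rest = header.strip().partition(" ")  # trailing whitespace is harmless
    if scheme.lower() != "digest" or not rest.strip():
        return None
    fields: Dict[str, str] = {}
    pos = 0
    while pos < len(rest):
        m = _DIRECTIVE_RE.match(rest, pos)
        if m is None:          # e.g. a bare base64 blob with no name=value structure
            return None
        name = m.group(1).lower()
        if name in fields:     # duplicate directives are ambiguous: reject
            return None
        fields[name] = m.group(2) if m.group(2) is not None else m.group(3)
        pos = m.end()
    return fields


def validate_digest(fields: Dict[str, str]) -> Optional[str]:
    """Return None if the directive set is usable, otherwise the rejection reason."""
    missing = [n for n in _REQUIRED if n not in fields]
    if missing:
        return "missing " + ",".join(missing)
    algorithm = fields.get("algorithm", "MD5").upper()
    if algorithm not in ("MD5", "MD5-SESS"):
        return "unsupported algorithm"
    if algorithm == "MD5-SESS" and "cnonce" not in fields:
        return "MD5-sess without cnonce"   # the case named in the advisory
    qop = fields.get("qop")
    if qop is not None:
        if qop not in ("auth", "auth-int"):
            return "unsupported qop"
        if "cnonce" not in fields or "nc" not in fields:
            return "qop without cnonce/nc"
        if not re.fullmatch(r"[0-9a-fA-F]{8}", fields["nc"]):
            return "malformed nc"
    if not re.fullmatch(r"[0-9a-fA-F]{32}", fields["response"]):
        return "malformed response"
    return None


def expected_response(fields: Dict[str, str], method: str, password: str) -> str:
    """RFC 2617 response digest; only called after validate_digest() passed."""
    ha1 = _md5(f'{fields["username"]}:{fields["realm"]}:{password}')
    if fields.get("algorithm", "MD5").upper() == "MD5-SESS":
        ha1 = _md5(f'{ha1}:{fields["nonce"]}:{fields["cnonce"]}')
    ha2 = _md5(f'{method}:{fields["uri"]}')  # qop=auth-int would also hash the body
    qop = fields.get("qop")
    if qop is None:
        return _md5(f'{ha1}:{fields["nonce"]}:{ha2}')
    return _md5(f'{ha1}:{fields["nonce"]}:{fields["nc"]}:{fields["cnonce"]}:{qop}:{ha2}')


def check_authorization(header: str, method: str, users=USERS) -> Tuple[bool, str]:
    """Server side: (accepted, reason).  Never raises on attacker-supplied input."""
    fields = parse_digest(header)
    if fields is None:
        return False, "malformed header"
    reason = validate_digest(fields)
    if reason:
        return False, reason
    if fields["realm"] != REALM or fields["username"] not in users:
        return False, "unknown realm or user"
    if fields["response"].lower() != expected_response(fields, method, users[fields["username"]]):
        return False, "bad response"
    return True, "ok"


def build_digest_header(username: str, password: str, method: str, uri: str, nonce: str,
                        algorithm="MD5", qop="auth", cnonce="0a4f113b", nc="00000001") -> str:
    """Client side: a well-formed header so the server check can be exercised offline."""
    fields = {"username": username, "realm": REALM, "nonce": nonce, "uri": uri,
              "algorithm": algorithm, "qop": qop, "cnonce": cnonce, "nc": nc}
    fields["response"] = expected_response(fields, method, password)
    return "Digest " + ", ".join(
        f'{k}={v}' if k in ("algorithm", "qop", "nc") else f'{k}="{v}"'
        for k, v in fields.items())
```

The check is deliberately ordered: syntax first, directive consistency second, and the MD5 computation only once every directive the computation will dereference is known to exist. That ordering is what keeps an MD5-sess header with no cnonce from reaching code that assumes cnonce is present, which is the shape of the crash the advisory describes.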


Related Identifiers

CVE-2007-3946
DSA-1362-1

Affected Products

Lighttpd