Intrusion PreventionLighttpd.url-path-2f-decode.DoS
Description
This indicates an attack attempt to exploit a Denial of Service Vulnerability in Lighttpd Project Lighttpd.
A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the target server. Successful exploitation of this vulnerability could result in denial-of-service conditions on the target server.
Affected Products
Lighttpd Project Lighttpd prior to 1.4.54
Impact
Denial of Service: Remote attackers can crash vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2023-06-05 | 23.568 | Sig Added |
| 2023-05-23 | 23.560 | Sig Added |
| 2019-06-06 | 14.627 | Severity:high:critical |
| 2019-05-23 | 14.619 | Sig Added |
| 2019-05-23 | 14.619 | Default_action:pass:drop |
| 2019-05-10 | 14.612 |
| ID | 47818 |
| Created | May 10, 2019 |
| Updated | Jun 02, 2023 |
| Risk |
|
| CVE ID | CVE-2019-11072 |
| Exploit Prediction Score | 77.5% |
| Default Action | drop |
| Active | |
| Affected OS | Linux |
| Affected App | Other |