oss-sec mailing list archives

Re: Additional information on CVE-2014-2469?

From: Ritwik Ghoshal <ritwik.ghoshal () oracle com>
Date: Mon, 21 Jul 2014 11:19:21 -0700

Hi Moritz,

As far as we know CVE-2014-2469 affects lighttpd in Solaris only. I have
fixed the typo in our advisory. Thank you for pointing it out.


Thanks,
-Ritwik Ghoshal

-------- Original Message --------
Subject:     [oss-security] Additional information on CVE-2014-2469?
Date:     Sun, 20 Jul 2014 11:10:59 +0200
From:     Moritz Muehlenhoff <jmm () debian org>
Reply-To:     oss-security () lists openwall com
To:     oss-security () lists openwall com

Is there anyone from Oracle on the list? Does anyone have further
information on CVE-2014-2469?
https://blogs.oracle.com/sunsecurity/entry/cve_2014_2469_denial_of

I assume that's a typo in the advisory and was meant to say lighttpd
instead of lighthttpd? If so, Is this Solaris/Oracle-specific?

Cheers,
        Moritz

Current thread:

Additional information on CVE-2014-2469? Moritz Muehlenhoff (Jul 20)
- <Possible follow-ups>
- Re: Additional information on CVE-2014-2469? Ritwik Ghoshal (Jul 21)
  - Re: Additional information on CVE-2014-2469? Tomas Hoger (Jul 29)