{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[],"affected_systems_content":"<P>lighttpd 1.x.</P>","content":"## Description\n\nUne vuln\u00e9rabilit\u00e9 dans la gestion des erreurs OpenSSL permet \u00e0 un\nindividu malveillant de fermer des sessions SSL en cours de lighttpd.\n\n## Solution\n\nSe r\u00e9f\u00e9rer \u00e0 l'alerte de s\u00e9curit\u00e9 lighttpd \\#285 pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2008-1531","url":"https://www.cve.org/CVERecord?id=CVE-2008-1531"}],"links":[],"reference":"CERTA-2008-AVI-177","revisions":[{"description":"version initiale.","revision_date":"2008-04-03T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"}],"summary":"Une vuln\u00e9rabilit\u00e9 affectant lighttpd permet \u00e0 une personne malveillante\nd'effectuer un d\u00e9ni de service \u00e0 distance.\n","title":"Vuln\u00e9rabilit\u00e9 dans lighttpd","vendor_advisories":[{"published_at":null,"title":"Alerte de s\u00e9curit\u00e9 lighttpd #285 du 22 septembre 2005","url":"http://trac.lighttpd.net/security/lighttpd_sa_2008_04.txt"}]}