Missing NULL pointer check when accessing nonce/cnonce during digest auth
===========================================================================

Description
-------------

When using the md5-sess algorithm, lighttpd did not check if the cnonce was
NULL. This leads to a NULL pointer dereference and crashes lighttpd.

To successfully crash lighttpd you need to know a username.

mod_auth is not loaded by default and it needs to be configured to be used.

Bug reported by Stefan Esser.

Affected versions
-------------------

All previous versions.

Solutions or Workaround
-------------------------

There is no known workaround.

Please update to 1.4.16 or apply lighttpd-1.4.x_mod_auth_sec.patch.

The patch also fixes:

  lighttpd_sa2007_04
  lighttpd_sa2007_05
  lighttpd_sa2007_06
  lighttpd_sa2007_07
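
The kind of presence check the Description says was missing, as an added example that is not lighttpd's code and not the contents of the patch: a digest request is rejected when nonce is absent, or when cnonce is absent under md5-sess, before any hashing reads those fields. The parser, the struct and all function names are hypothetical, and the header strings are constructed.

```c
#include <string.h>
#include <strings.h>

/* Fields from a Digest Authorization header; NULL means the field was absent. */
struct digest_fields { const char *username, *realm, *nonce, *cnonce, *algorithm; };

/* Copy the value of `key=` from hdr into buf. The key must start a parameter
 * (so "nonce" does not match inside "cnonce"). Returns buf, or NULL if absent. */
static const char *get_param(const char *hdr, const char *key, char *buf, size_t len) {
    size_t klen = strlen(key);
    for (const char *p = hdr; (p = strstr(p, key)) != NULL; p += klen) {
        if ((p != hdr && p[-1] != ' ' && p[-1] != ',') || p[klen] != '=') continue;
        const char *v = p + klen + 1;
        int quoted = (*v == '"');
        v += quoted;
        size_t n = strcspn(v, quoted ? "\"" : ", ");
        if (n >= len) return NULL;  /* oversized value: treat as absent */
        memcpy(buf, v, n);
        buf[n] = '\0';
        return buf;
    }
    return NULL;
}

/* Return 0 if every field the hash will read is present, -1 to reject the request. */
int digest_fields_ok(const struct digest_fields *f) {
    if (!f->username || !f->realm || !f->nonce) return -1;
    /* md5-sess: HA1 = MD5(MD5(user:realm:pass):nonce:cnonce), so cnonce is mandatory */
    if (f->algorithm && strcasecmp(f->algorithm, "md5-sess") == 0 && !f->cnonce)
        return -1;
    return 0;
}

/* Parse a header value (the part after "Digest ") and validate it. */
int check_digest_header(const char *hdr) {
    char u[64], r[64], n[128], c[128], a[32];
    struct digest_fields f = {
        get_param(hdr, "username", u, sizeof u), get_param(hdr, "realm", r, sizeof r),
        get_param(hdr, "nonce", n, sizeof n), get_param(hdr, "cnonce", c, sizeof c),
        get_param(hdr, "algorithm", a, sizeof a),
    };
    return digest_fields_ok(&f);
}

int main(void) {
    /* Constructed header values, not captured traffic. */
    const char *ok = "username=\"alice\", realm=\"r\", nonce=\"abc\", algorithm=md5-sess, cnonce=\"xyz\"";
    const char *no_cnonce = "username=\"alice\", realm=\"r\", nonce=\"abc\", algorithm=md5-sess";
    return !(check_digest_header(ok) == 0 && check_digest_header(no_cnonce) == -1);
}
```

The algorithm comparison is case-insensitive, and a value too long for its buffer is treated as absent so the request is rejected instead of truncated.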