HTTP File Server is prone to multiple vulnerabilities including a security- bypass issue and a denial-of-service issue. Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions.
Reportedly the vendor has fixed the issue. Please see the references for more information.
- lighttpd Slow Request Handling Remote Denial Of Service Vulnerability
- CA ARCserver D2D GWT RPC Request Multiple Vulnerabilities
- Lil' HTTP Server Cross Site Scripting Vulnerability
- JBoss Enterprise Application Platform Multiple Vulnerabilities
- Apache Tomcat Request Object Security Bypass Vulnerability (Win)