Lighttpd Slow Request Handling Remote Denial Of Service Vulnerability Network Vulnerability

Summary

lighttpd is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to hang, denying service to legitimate users.

Solution

SVN fixes and patches are available. Please see the references for details.

References

http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2010_01.txt
http://redmine.lighttpd.net/issues/2147
http://www.lighttpd.net/
http://www.securityfocus.com/bid/38036

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-0295
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

GoAhead WebServer Script Source Code Disclosure
HServer Webserver Multiple Directory Traversal Vulnerabilities
Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability
BadBlue invalid null byte vulnerability
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011

lighttpd Slow Request Handling Remote Denial Of Service Vulnerability

Take action and discover your vulnerabilities