lighttpd is prone to a denial-of-service vulnerability. Remote attackers can exploit this issue to cause the application to hang, denying service to legitimate users.
SVN fixes and patches are available. Please see the references for details.
- IOServer Trailing Backslash Multiple Directory Traversal Vulnerabilities
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities
- Acme thttpd and mini_httpd Terminal Escape Sequence in Logs Command Injection Vulnerability
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Windows)
- IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011