Description
A resource leak in gw_backend.c in lighttpd 1.4.56 through 1.4.66 could lead to a denial of service (connection-slot exhaustion) after a large amount of anomalous TCP behavior by clients. It is related to RDHUP mishandling in certain HTTP/1.1 chunked situations. Use of mod_fastcgi is, for example, affected. This is fixed in 1.4.67.
Remediation
References
Related Vulnerabilities
Apache Tomcat WAR file directory traversal vulnerability
WordPress Plugin WP Statistics SQL Injection (13.2.8)
Oracle Application Server CVE-2008-7236 Vulnerability (CVE-2008-7236)
WordPress 4.3.x Multiple Vulnerabilities (4.3 - 4.3.10)
phpMyAdmin Resource Management Errors Vulnerability (CVE-2016-6632)