Description
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.
Remediation
References
Related Vulnerabilities
WordPress Plugin Easy Custom Auto Excerpt Cross-Site Scripting (2.4.6)
GlassFish CVE-2017-10385 Vulnerability (CVE-2017-10385)
WordPress Improper Input Validation Vulnerability (CVE-2017-6815)
MySQL Use of Externally-Controlled Format String Vulnerability (CVE-2008-3963)
WordPress 4.4.x Cross-Site Scripting Vulnerability (4.4 - 4.4.2)