Description

The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.

Remediation

References

CVE-2008-1531

Related Vulnerabilities

WordPress Plugin 10Web Map Builder for Google Maps Security Bypass (1.0.63)

WordPress Plugin Import Woocommerce Cross-Site Scripting (1.0.1)

WordPress Plugin MailCWP Arbitrary File Upload (1.100)

WordPress Plugin link-list-manager Cross-Site Scripting (1.0)

WordPress Plugin RegistrationMagic-Custom Registration Forms, User Registration, Payment, and User Login Cross-Site Scripting (5.0.1.8)

Severity

Medium

Classification

CVE-2008-1531

Tags

Missing Update Known Vulnerabilities