Description

lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.

Remediation

References

CVE-2010-0295

Related Vulnerabilities

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2008-3327)

IBM RTC Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2018-1984)

WordPress Plugin SEO-Dashboard by gutewebsites.de Cross-Site Scripting (1.2.5)

WordPress Plugin Custom Post Type Relations Cross-Site Scripting (1.0)

WordPress Plugin simple sort&search Cross-Site Scripting (0.0.3)

Severity

Medium

Classification

CVE-2010-0295

Tags

Missing Update Known Vulnerabilities