Description

lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.

Remediation

References

CVE-2010-0295

Related Vulnerabilities

WordPress Plugin Mingle Forum Multiple Cross-Site Scripting and SQL Injection Vulnerabilities (1.0.32.1)

MySQL CVE-2016-3452 Vulnerability (CVE-2016-3452)

PHP Improper Input Validation Vulnerability (CVE-2013-4248)

MyBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-41362)

TYPO3 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-2718)

Severity

Medium

Classification

CVE-2010-0295

Tags

Missing Update Known Vulnerabilities