29 September 2008, 10:31
DoS vulnerability in Lighttpd server
Lighttpd, the lightweight web server, is vunerable to a denial of service attack due to a memory leak. If the server is exposed to HTTP requests with duplicated request data, the memory for previous request data is not released, leaking memory which could eventually slow or stop the server.
The error has been found in Lighttpd 1.4.19, with a source code patch available which has been integrated into the Lighthttpd repository, which also fixes the issue for the pre-release Lighttpd 1.4.20 which should be available soon.
(djwm)
Print Version | Send by email
| Permalink: http://h-online.com/-737461
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/6/7/2/comingin310_4_kicker-4977194bfb0de0d7.png)
![Kernel Log: Coming in 3.10 (Part 3) [--] Infrastructure](/imgs/43/1/0/4/2/3/2/3/comingin310_3_kicker-151cd7b9e9660f05.png)
