In association with heise online

« previous | next »
29 September 2008, 11:31

DoS vulnerability in Lighttpd server

Lighttpd, the lightweight web server, is vunerable to a denial of service attack due to a memory leak. If the server is exposed to HTTP requests with duplicated request data, the memory for previous request data is not released, leaking memory which could eventually slow or stop the server.

The error has been found in Lighttpd 1.4.19, with a source code patch available which has been integrated into the Lighthttpd repository, which also fixes the issue for the pre-release Lighttpd 1.4.20 which should be available soon.

(djwm)

Add your comment

« previous | next »
Print Version | Send by email | Permalink: http://h-online.com/-737461

Also on The H:

  • Share this article
  • Twitter
  • Facebook
  • digg this
  • submit to slashdot
  • post to delicious
  • StumbleUpon
  • submit to reddit
The H Open Headlines

Price Insight Top 10 powered by Skinflint

  1. Samsung SSD 830 Series 128GB
  2. Samsung SSD 830 Series 256GB
  3. Samsung SSD 830 Series Desktop Upgrade Kit 256GB
  4. Intel Core i5-3570K
  5. Samsung Galaxy S3 i9300 16GB blau
  6. Crucial m4 SSD 128GB
  7. Gigabyte GeForce GTX 670 OC
  8. Palit GeForce GTX 670
  9. Diablo 3 (deutsch)
  10. Samsung Galaxy Nexus i9250 16GB silber

The H

The H open source

The H Security

The H Internet Toolkit