Computer Security

lighttpd DoS
back  news / advisories / forum / software / advertising / search / exploits  forward
[EN] securityvulns.ru
no-pyccku



lighttpd DoS
Published:02.02.2010
Source:BUGTRAQ
SecurityVulns ID:10573
Type:remote
Level:6/10
Description:Memory exhaustion on HTTP request reading.
Affected:LIGHTHTTPD : lighttpd 1.4
CVE:CVE-2010-0295 (lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1987-1] New lighttpd packages fix denial of service (02.02.2010)
Discuss:Read or add your comments to this news (0 comments)
About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod

 
 


Rating@Mail.ru
test server