Description

lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.

Remediation

References

CVE-2007-1869

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4999)

MySQL CVE-2021-35618 Vulnerability (CVE-2021-35618)

MySQL CVE-2021-35631 Vulnerability (CVE-2021-35631)

Perl Integer Overflow or Wraparound Vulnerability (CVE-2020-10878)

OpenSSL Resource Management Errors Vulnerability (CVE-2006-2940)

Severity

Medium

Classification

CVE-2007-1869

Tags

Missing Update Known Vulnerabilities