Description

lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.

Remediation

References

CVE-2007-1869

Related Vulnerabilities

Apache Tomcat URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2018-11784)

phpMyFAQ Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2014-6048)

axios Server-Side Request Forgery (SSRF) Vulnerability (CVE-2024-39338)

Oracle JRE CVE-2012-3136 Vulnerability (CVE-2012-3136)

WordPress Plugin WP Glossary 'ajax.php' SQL Injection (0.1)

Severity

Medium

Classification

CVE-2007-1869

Tags

Missing Update Known Vulnerabilities