Description

lighttpd 1.4.12 and 1.4.13 allows remote attackers to cause a denial of service (cpu and resource consumption) by disconnecting while lighttpd is parsing CRLF sequences, which triggers an infinite loop and file descriptor consumption.

Remediation

References

CVE-2007-1869

Related Vulnerabilities

WordPress Plugin Permalink Manager Lite Cross-Site Request Forgery (2.2.20.1)

Ruby Improper Authentication Vulnerability (CVE-2019-16201)

WordPress 4.6.x Multiple Vulnerabilities (4.6 - 4.6.19)

MediaWiki Incorrect Permission Assignment for Critical Resource Vulnerability (CVE-2021-36129)

WebLogic Improper Input Validation Vulnerability (CVE-2021-44832)

Severity

Medium

Classification

CVE-2007-1869

Tags

Missing Update Known Vulnerabilities