Description

Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.

Remediation

References

CVE-2008-4298

Related Vulnerabilities

WordPress Plugin WP-Invoice-Web Invoice and Billing Multiple Vulnerabilities (4.1.0)

AbanteCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-42050)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-29211)

ZenCart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2011-4547)

MySQL CVE-2019-2502 Vulnerability (CVE-2019-2502)

Severity

Medium

Classification

CVE-2008-4298

Tags

Missing Update Known Vulnerabilities