Description

Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.

Remediation

References

CVE-2008-4298

Related Vulnerabilities

WordPress Plugin Portfolio Gallery-Photo Gallery Multiple Unspecified Vulnerabilities (2.0.72)

WordPress Plugin Social Login by BestWebSoft Cross-Site Scripting (0.1)

WordPress Plugin Ultimate Member-User Profile, Registration, Login, Member Directory, Content Restriction & Membership Cross-Site Scripting (2.0.10)

WordPress Plugin Visual Form Builder Unspecified Vulnerability (3.0.5)

WordPress Plugin Elementor Website Builder Cross-Site Scripting (3.5.5)

Severity

Medium

Classification

CVE-2008-4298

Tags

Missing Update Known Vulnerabilities