Description

Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.

Remediation

References

CVE-2008-4298

Related Vulnerabilities

WordPress Plugin Store Locator for WordPress with Google Maps-LotsOfLocales SQL Injection (3.33.1)

EspoCRM Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14546)

Moodle Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2008-1502)

WordPress Plugin Calendar_plugin Cross-Site Scripting (1.0)

Piwigo Improper Access Control Vulnerability (CVE-2016-10105)

Severity

Medium

Classification

CVE-2008-4298

Tags

Missing Update Known Vulnerabilities