WEB APPLICATION VULNERABILITIES Standard & Premium

Lighttpd Resource Management Errors Vulnerability (CVE-2010-0295)

Description

lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.

Remediation

References

Related Vulnerabilities

WordPress Plugin All-In-One Security (AIOS)-Security and Firewall Cross-Site Request Forgery (5.1.0)

WordPress Plugin Apocalypse Meow Security Bypass (21.2.7)

Envoy Proxy Improper Encoding or Escaping of Output Vulnerability (CVE-2023-35941)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-4403)

Oracle Database Server CVE-2015-2629 Vulnerability (CVE-2015-2629)

Severity

Medium

Classification

CVE-2010-0295

Tags

Missing Update Known Vulnerabilities