CVE Vulnerabilities

CVE-2008-4298

Published: Sep 27, 2008 | Modified: Oct 11, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
5 MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
RedHat/V2
RedHat/V3
Ubuntu

Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.

Affected Software

Name Vendor Start Version End Version
Lighttpd Lighttpd 1.1.1 1.1.1
Lighttpd Lighttpd 1.1.2 1.1.2
Lighttpd Lighttpd 1.1.3 1.1.3
Lighttpd Lighttpd 1.1.4 1.1.4
Lighttpd Lighttpd 1.1.5 1.1.5
Lighttpd Lighttpd 1.1.6 1.1.6
Lighttpd Lighttpd 1.1.7 1.1.7
Lighttpd Lighttpd 1.1.8 1.1.8
Lighttpd Lighttpd 1.1.9 1.1.9
Lighttpd Lighttpd 1.2.1 1.2.1
Lighttpd Lighttpd 1.2.2 1.2.2
Lighttpd Lighttpd 1.2.3 1.2.3
Lighttpd Lighttpd 1.2.4 1.2.4
Lighttpd Lighttpd 1.2.5 1.2.5
Lighttpd Lighttpd 1.2.6 1.2.6
Lighttpd Lighttpd 1.2.7 1.2.7
Lighttpd Lighttpd 1.2.8 1.2.8
Lighttpd Lighttpd 1.3.0 1.3.0
Lighttpd Lighttpd 1.3.1 1.3.1
Lighttpd Lighttpd 1.3.2 1.3.2
Lighttpd Lighttpd 1.3.3 1.3.3
Lighttpd Lighttpd 1.3.4 1.3.4
Lighttpd Lighttpd 1.3.5 1.3.5
Lighttpd Lighttpd 1.3.6 1.3.6
Lighttpd Lighttpd 1.3.7 1.3.7
Lighttpd Lighttpd 1.3.8 1.3.8
Lighttpd Lighttpd 1.3.9 1.3.9
Lighttpd Lighttpd 1.3.10 1.3.10
Lighttpd Lighttpd 1.3.11 1.3.11
Lighttpd Lighttpd 1.3.12 1.3.12
Lighttpd Lighttpd 1.3.13 1.3.13
Lighttpd Lighttpd 1.3.14 1.3.14
Lighttpd Lighttpd 1.3.15 1.3.15
Lighttpd Lighttpd 1.3.16 1.3.16
Lighttpd Lighttpd 1.4.0 1.4.0
Lighttpd Lighttpd 1.4.1 1.4.1
Lighttpd Lighttpd 1.4.2 1.4.2
Lighttpd Lighttpd 1.4.3 1.4.3
Lighttpd Lighttpd 1.4.4 1.4.4
Lighttpd Lighttpd 1.4.5 1.4.5
Lighttpd Lighttpd 1.4.6 1.4.6
Lighttpd Lighttpd 1.4.7 1.4.7
Lighttpd Lighttpd 1.4.8 1.4.8
Lighttpd Lighttpd 1.4.9 1.4.9
Lighttpd Lighttpd 1.4.10 1.4.10
Lighttpd Lighttpd 1.4.11 1.4.11
Lighttpd Lighttpd 1.4.12 1.4.12
Lighttpd Lighttpd 1.4.13 1.4.13
Lighttpd Lighttpd 1.4.14 1.4.14
Lighttpd Lighttpd 1.4.15 1.4.15
Lighttpd Lighttpd 1.4.16 1.4.16
Lighttpd Lighttpd 1.4.17 1.4.17
Lighttpd Lighttpd 1.4.18 1.4.18
Lighttpd Lighttpd * 1.4.19
Lighttpd Ubuntu dapper *
Lighttpd Ubuntu feisty *
Lighttpd Ubuntu gutsy *
Lighttpd Ubuntu hardy *
Lighttpd Ubuntu intrepid *
Lighttpd Ubuntu upstream *

References