lighttpd before 1.4.26, and 1.5.x, allocates a buffer for each read operation that occurs for a request, which allows remote attackers to cause a denial of service (memory consumption) by breaking a request into small pieces that are sent at a slow rate.
Max CVSS
5.0
EPSS Score
7.43%
Published
2010-02-03
Updated
2017-08-17
1 vulnerabilities found