lighttpd -- denial of service vulnerability

2010-02-02T00:00:00
ID 1A3BD81F-1B25-11DF-BD1A-002170DAAE37
Type freebsd
Reporter FreeBSD
Modified 2010-02-02T00:00:00

Description

Lighttpd security advisory reports:

If you send the request data very slow (e.g. sleep 0.01 after each byte), lighttpd will easily use all available memory and die (especially for parallel requests), allowing a DoS within minutes.