Lucene search

K
ubuntucveUbuntu.comUB:CVE-2008-4298
HistorySep 27, 2008 - 12:00 a.m.

CVE-2008-4298

2008-09-2700:00:00
ubuntu.com
ubuntu.com
8

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.111 Low

EPSS

Percentile

95.2%

Memory leak in the http_request_parse function in request.c in lighttpd
before 1.4.20 allows remote attackers to cause a denial of service (memory
consumption) via a large number of requests with duplicate request headers.

Bugs

OSVersionArchitecturePackageVersionFilename
ubuntu8.04noarchlighttpd< 1.4.19-0ubuntu3.1UNKNOWN

5 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.111 Low

EPSS

Percentile

95.2%