Denial of Service Vulnerability in Lighttpd by CyberAttackers
CVE-2008-1531

Currently unrated

Key Information:

Vendor

Lighttpd

Status
Lighttpd
Vendor
CVE Published:
27 March 2008

What is CVE-2008-1531?

The connection_state_machine function in Lighttpd versions 1.4.19 and earlier, as well as in 1.5.x prior to version 1.5.0, is susceptible to a Denial of Service attack. An attacker can exploit this vulnerability by triggering an SSL error—such as disconnecting before a download is completed—which results in the loss of all active SSL connections. This could render the affected lighttpd server temporarily unavailable and disrupt services relying on secure connections.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

http://trac.lighttpd.net/trac/ticket/285#comment:21
x_refsource_MISC
https://issues.rpath.com/browse/RPL-2407
x_refsource_CONFIRM
https://bugs.gentoo.org/show_bug.cgi?id=214892
x_refsource_CONFIRM

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.