CVE-2008-0983
Published: 26 February 2008
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.
Notes
Author | Note |
---|---|
jdstrand | per emgent, this is fixed with 90_maxfds_crash_fix |