lighttpd :: Security alert

[ Thread Index | Date Index | More Archives ]

Hi there,

Debian Security Advisory DSA-1609-1                  security@xxxxxxxxxx                               Steve Kemp
July 15, 2008               


Package        : lighttpd

lighttpd 1.4.18, and possibly other versions before 1.5.0, does not
properly calculate the size of a file descriptor array, which allows
remote attackers to cause a denial of service (crash) via a large number
of connections, which triggers an out-of-bounds access.


Is slitaz affected ?


SliTaz GNU/Linux Mailing list.
Web site :

Mail converted by MHonArc 2.6.19+