DOCUMENTATION

Views

Search

Toolbox

Advisories:rPSA-2008-0309

From rPath Wiki

Jump to: navigation, search

rPath Security Advisory 2008-0309-1

Published: 2008-10-30

Products

rPath Linux 1
rPath Linux 2

Rating

Major

Exposure Level Classification

Remote Non-deterministic Denial of Service

Updated Versions

lighttpd=conary.rpath.com@rpl:1/1.4.20-0.1-1
lighttpd=conary.rpath.com@rpl:2/1.4.20-1-0.1

rPath Issue Tracking System

RPL-2856

References

Description

Previous versions of the lighttpd package contain multiple

vulnerabilities, the most serious of which may allow a remote

attacker to cause a Denial of Service by sending an excessive

number of duplicate header requests.

lighttpd is not installed by default on rPath Linux systems,

and no default configuration file is provided; only systems

customized to include and configure lighttpd are vulnerable.

Copyright 2008 rPath, Inc. This file is distributed under the terms of the MIT License. A copy is available at http://www.rpath.com/permanent/mit-license.html

Retrieved from "http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309"

Categories: Support Issue | Advisories