Lighttpd Multiple Remote Denial of Service Vulnerabilities

Lighttpd Multiple Remote Denial of Service Vulnerabilities

Lighttpd is prone to multiple remote denial-of-service vulnerabilities because the application fails to properly handle unexpected conditions.

Successfully exploiting these issues allows remote attackers to trigger an infinite loop, consuming excessive CPU resources, or to crash affected servers via a NULL-pointer dereference. This will deny further service to legitimate users.

Lighttpd versions prior to 1.4.14 are vulnerable.