AOH :: HP Unsorted L :: VA1680.HTM

rPSA-2008-0309-1 lighttpd
rPSA-2008-0309-1 lighttpd

rPath Security Advisory: 2008-0309-1
Published: 2008-10-30
    rPath Linux 1
    rPath Linux 2

Rating: Major
Exposure Level Classification:
    Remote Non-deterministic Denial of Service
Updated Versions: 

rPath Issue Tracking System:


    Previous versions of the lighttpd package contain multiple
    vulnerabilities, the most serious of which may allow a remote 
    attacker to cause a Denial of Service by sending an excessive
    number of duplicate header requests.
    lighttpd is not installed by default on rPath Linux systems,
    and no default configuration file is provided; only systems 
    customized to include and configure lighttpd are vulnerable. 

Copyright 2008 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at 

The entire AOH site is optimized to look best in Firefox® 3 on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2015 AOH
We do not send spam. If you have received spam bearing an email address, please forward it with full headers to