Candidate: CVE-2008-4298
PublicDate: 2008-09-27 10:30:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4298
Description:
 Memory leak in the http_request_parse function in request.c in lighttpd
 before 1.4.20 allows remote attackers to cause a denial of service (memory
 consumption) via a large number of requests with duplicate request headers.
Ubuntu-Description:
Notes:
Bugs:
 https://bugs.launchpad.net/ubuntu/jaunty/+source/lighttpd/+bug/279490
Priority: low
Discovered-by:
Assigned-to:
CVSS: 

Patches_lighttpd:
 debdiff: https://bugs.launchpad.net/ubuntu/jaunty/+source/lighttpd/+bug/279490
upstream_lighttpd: released (1.4.19-5)
dapper_lighttpd: ignored (reached end-of-life)
feisty_lighttpd: needed (reached end-of-life)
gutsy_lighttpd: needed (reached end-of-life)
hardy_lighttpd: released (1.4.19-0ubuntu3.1)
intrepid_lighttpd: needed (reached end-of-life)
jaunty_lighttpd: not-affected (1.4.19-5ubuntu6)
karmic_lighttpd: not-affected (1.4.19-5ubuntu6)
devel_lighttpd: not-affected (1.4.19-5ubuntu6)