CVE-2008-0983
Publication date 26 February 2008
Last updated 24 July 2024
Ubuntu priority
lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access.
Status
Package | Ubuntu Release | Status |
---|---|---|
lighttpd | 7.10 gutsy |
Fixed 1.4.18-1ubuntu1.1
|
7.04 feisty |
Fixed 1.4.13-9ubuntu4.3
|
|
6.10 edgy |
Fixed 1.4.13~r1370-1ubuntu1.4
|
|
6.06 LTS dapper |
Fixed 1.4.11-3ubuntu3.6
|