This script is Copyright (C) 2011-2014 Tenable Network Security, Inc.
The remote web server is potentially affected by a denial of service
According to its banner, the version of lighttpd installed on the
remote host is older than 1.4.30 and is potentially affected by a
denial of service vulnerability.
The HTTP server allows out-of-bounds values to be decoded during the
auth process and later uses these values as offsets. Using negative
values as offsets can result in application crashes.
See also :
Either upgrade to lighttpd version 1.4.30 or later, apply the vendor's
patch, or disable mod_auth if you do not need it.
Risk factor :
Medium / CVSS Base Score : 5.0
CVSS Temporal Score : 4.3
Public Exploit Available : true