FreeBSD : lighttpd -- Remote DOS in CRLF parsing (d2b48d30-ea97-11db-a802-000fea2763ce)
Medium Nessus Plugin ID 25052
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionLighttpd SA :
If the connection aborts during parsing '\r\n\r\n' the server might get into a infinite loop and use 100% of the CPU time. lighttpd still responses to other requests. This can be repeated until either the server limit for concurrent connections or file descriptors is reached.
The bug was reported and fixed by Robert Jakabosky.
SolutionUpdate the affected package.