FreeBSD : lighttpd -- OpenSSL Error Queue Denial of Service Vulnerability (1ac77649-0908-11dd-974d-000fea2763ce)
Medium Nessus Plugin ID 31953
SynopsisThe remote FreeBSD host is missing a security-related update.
DescriptionSecunia reports :
A vulnerability has been reported in lighttpd, which can be exploited by malicious people to cause a DoS (Denial of Service).
The vulnerability is caused due to lighttpd not properly clearing the OpenSSL error queue. This can be exploited to close concurrent SSL connections of lighttpd by terminating one SSL connection.
SolutionUpdate the affected package.