The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2008-03-27T23:00:00
Updated: 2018-10-11T19:57:01
Reserved: 2008-03-27T00:00:00
Link: CVE-2008-1531
JSON object: View
NVD Information
Status : Analyzed
Published: 2008-03-27T23:44:00.000
Modified: 2018-10-31T19:23:55.680
Link: CVE-2008-1531
JSON object: View
Redhat Information
No data.
CWE