Threat Encyclopedia

Lighttpd.url-path-2f-decode.DoS

description-logoDescription

This indicates an attack attempt to exploit a Denial of Service Vulnerability in Lighttpd Project Lighttpd.
A remote, unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the target server. Successful exploitation of this vulnerability could result in denial-of-service conditions on the target server.

affected-products-logoAffected Products

Lighttpd Project Lighttpd prior to 1.4.54

Impact

Denial of Service: Remote attackers can crash vulnerable systems.

recomended-action-logoRecommended Actions

Apply the most recent upgrade or patch from the vendor.
https://github.com/lighttpd/lighttpd1.4/commit/32120d5b8b3203fc21ccb9eafb0eaf824bb59354

CVE References

CVE-2019-11072