CVE-2008-1531

Name of the Vulnerable Software and Affected Versions lighttpd versions 1.4.19 and earlier lighttpd versions 1.5.x before 1.5.0

Description The issue allows remote attackers to cause a denial of service, specifically an active SSL connection loss, by triggering an SSL error. This can occur when an action such as disconnecting before a download has finished is performed, resulting in the loss of all active SSL connections.

Recommendations For lighttpd versions 1.4.19 and earlier, update to a version later than 1.4.19. For lighttpd versions 1.5.x before 1.5.0, update to version 1.5.0 or later.