CVE-2008-4298

Name of the Vulnerable Software and Affected Versions: lighttpd versions prior to 1.4.20

Description: A memory leak in the http request parse function in request.c allows remote attackers to cause a denial of service by consuming memory via a large number of requests with duplicate request headers.

Recommendations: For versions prior to 1.4.20, update to version 1.4.20 or later to resolve the issue.