Intrusion Prevention



This indicates an attempt to exploit a header overflow vulnerability in Lighttpd before version 1.4.18.
There is a header overflow vulnerability in Lighttpd that occurs when the application calls the fast_cgi module. It allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length.

Affected Products

Lighttpd 1.x., before version 1.4.18


System Compromise: remote attackers can gain control of vulnerable systems.

Recommended Actions

Update to version 1.4.18.

CVE References