CVE-2007-3948
EPSS 2.4%
Description
connections.c in lighttpd before 1.4.16 might accept more connections than the configured maximum, which allows remote attackers to cause a denial of service (failed assertion) via a large number of connection attempts.
How to fix CVE-2007-3948
To remediate CVE-2007-3948, upgrade the affected package to a fixed version below.
- Debian/lighttpd—upgrade to 1.4.16-1 or later
Is CVE-2007-3948 being exploited?
Low — EPSS is 2.4%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 1.4.16-1