CVE-2026-22903
lighttpd · lighttpd Server (Modified)
A stack buffer overflow in modified lighttpd servers allows unauthenticated remote code execution via a crafted SESSIONID cookie.
Executive summary
A critical stack buffer overflow in modified lighttpd servers allows unauthenticated attackers to execute remote code or crash the system via crafted HTTP requests.
Vulnerability
An unauthenticated remote attacker can trigger a stack buffer overflow by sending a crafted HTTP request containing an excessively long SESSIONID cookie. This flaw exists in modified versions of the lighttpd server that lack adequate stack protections, potentially leading to a complete system compromise.
Business impact
A successful exploit could allow an attacker to gain full control over the affected server, leading to unauthorized data access, service disruption, and lateral movement within the network. The CVSS score of 9.8 reflects the critical nature of this vulnerability, as it requires no user interaction or privileges and can result in total loss of confidentiality, integrity, and availability.
Remediation
Immediate Action: Administrators should immediately update the affected software to the latest version provided by the vendor or apply the recommended security patches.
Proactive Monitoring: Implement logging to capture and alert on HTTP requests containing unusually large cookie headers or SESSIONID values.
Compensating Controls: Deploy a Web Application Firewall (WAF) with rules configured to drop or truncate HTTP headers that exceed standard length limits.
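The monitoring and WAF controls above both reduce to the same check: flag or reject requests whose Cookie header, or whose SESSIONID value specifically, is far larger than a legitimate session token. The script below is an added example written for this advisory, not lighttpd code and not a vendor-supplied detection. It parses raw HTTP requests, preserves repeated Cookie headers (which are legal), and reports both an oversized SESSIONID and an oversized Cookie header. The thresholds MAX_SESSIONID_LEN and MAX_COOKIE_HEADER_LEN and the sample requests are assumptions constructed for illustration; tune the thresholds to the token length your application actually issues.

```python
"""Detect oversized SESSIONID cookies in raw HTTP requests.

Added example for the CVE-2026-22903 advisory; this is not lighttpd code.
The thresholds and sample requests below are assumptions chosen for
illustration, not values taken from the advisory or the vendor.
"""
from typing import Dict, List, Optional, Tuple

# Assumed thresholds (not from the advisory): a session token of a few
# hundred bytes is already unusual for most applications, and 8 KiB is a
# common default request-field limit in web servers, used here only as a
# reference point for the "header exceeds standard length" WAF rule.
MAX_SESSIONID_LEN = 256
MAX_COOKIE_HEADER_LEN = 8192


def parse_headers(raw_request: str) -> List[Tuple[str, str]]:
    """Split a raw HTTP request into (name, value) header pairs.

    A list is returned instead of a dict so that repeated headers
    (for example several Cookie lines) are all preserved and checked.
    Header names are lower-cased because HTTP header names are
    case-insensitive.
    """
    head = raw_request.split("\r\n\r\n", 1)[0]
    lines = head.split("\r\n")
    headers: List[Tuple[str, str]] = []
    for line in lines[1:]:  # lines[0] is the request line
        if not line or ":" not in line:
            continue
        name, value = line.split(":", 1)
        headers.append((name.strip().lower(), value.strip()))
    return headers


def parse_cookies(cookie_value: str) -> Dict[str, str]:
    """Parse a Cookie header value ("a=1; b=2") into a name -> value dict."""
    cookies: Dict[str, str] = {}
    for part in cookie_value.split(";"):
        part = part.strip()
        if not part:
            continue
        name, _, value = part.partition("=")
        cookies[name.strip()] = value.strip()
    return cookies


def check_request(raw_request: str,
                  max_sessionid_len: int = MAX_SESSIONID_LEN,
                  max_cookie_header_len: int = MAX_COOKIE_HEADER_LEN) -> List[str]:
    """Return a list of findings for one raw request (empty when clean).

    Two independent conditions are reported: a Cookie header larger than
    the configured header limit, and a SESSIONID value larger than the
    expected token length. Both are checked per Cookie header.
    """
    findings: List[str] = []
    for name, value in parse_headers(raw_request):
        if name != "cookie":
            continue
        if len(value) > max_cookie_header_len:
            findings.append(
                f"cookie header length {len(value)} exceeds {max_cookie_header_len}")
        session_id: Optional[str] = parse_cookies(value).get("SESSIONID")
        if session_id is not None and len(session_id) > max_sessionid_len:
            findings.append(
                f"SESSIONID length {len(session_id)} exceeds {max_sessionid_len}")
    return findings


# Constructed sample requests for illustration; these are not captured traffic.
BENIGN_REQUEST = (
    "GET /index.html HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "Cookie: SESSIONID=abc123def456; theme=dark\r\n"
    "\r\n"
)

SUSPICIOUS_REQUEST = (
    "GET /index.html HTTP/1.1\r\n"
    "Host: example.test\r\n"
    "Cookie: theme=dark; SESSIONID=" + "A" * 4096 + "\r\n"
    "\r\n"
)

if __name__ == "__main__":
    for label, req in (("benign", BENIGN_REQUEST), ("suspicious", SUSPICIOUS_REQUEST)):
        print(label, "->", check_request(req) or "no findings")
```

In a deployment the same check_request logic would run over requests mirrored from a reverse proxy or over a log format that records the Cookie header, and any finding would be forwarded to the alerting pipeline; a WAF rule implements the same two thresholds as a reject rather than an alert.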
Exploitation status
Public Exploit Available: false
Analyst recommendation
This vulnerability represents a significant risk to organizational infrastructure due to the potential for remote code execution. It is highly recommended that the primary remediation step, applying the vendor's security update, be performed immediately to mitigate the risk of unauthenticated compromise.