Computer Security
[EN] securityvulns.ru no-pyccku


lighthttpd information leakage
Published:09.03.2008
Source:
SecurityVulns ID:8763
Type:remote
Threat Level:
5/10
Description:It's possible to obtain CGI source code under some conditions.
Affected:LIGHTTPD : lighttpd 1.4
CVE:CVE-2008-1111 (mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.)
Original documentdocumentDEBIAN, [SECURITY] [DSA 1513-1] New lighttpd packages fix CGI source disclosure (09.03.2008)

About | Terms of use | Privacy Policy
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod