Page 5 of 35 results (0.010 seconds)

CVSS: 4.3EPSS: 9%CPEs: 3EXPL: 0

The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a download has finished, which causes all active SSL connections to be lost. La función connection_state_machine (connections.c) en lighttpd versión 1.4.19 y anteriores, y versión 1.5.x anterior a 1.5.0, permite a los atacantes remotos generar una denegación de servicio (pérdida de conexión SSL activa) al activar un error SSL, como desconectarse antes que una descarga ha finalizado, lo que hace que todas las conexiones SSL activas se pierdan. • http://lists.opensuse.org/opensuse-security-announce/2008-05/msg00000.html http://secunia.com/advisories/29505 http://secunia.com/advisories/29544 http://secunia.com/advisories/29636 http://secunia.com/advisories/29649 http://secunia.com/advisories/30023 http://security.gentoo.org/glsa/glsa-200804-08.xml http://trac.lighttpd.net/trac/changeset/2136 http://trac.lighttpd.net/trac/changeset/2139 http://trac.lighttpd.net/trac/changeset/2140 http://trac.lighttpd.net/trac/ticket&#x •

CVSS: 5.0EPSS: 2%CPEs: 1EXPL: 2

mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory. mod_userdir en lighttpd 1.4.18 y anteriores, cuando no está establecido el userdir.path usa un $HOME por defecto, que podría permitir a atacantes remotos leer ficheros de su elección como se ha demostrado accediendo al directorio ~nobody. • https://www.exploit-db.com/exploits/31396 http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://secunia.com/advisories/29318 http://secunia.com/advisories/29403 http://secunia.com/advisories/29622 http://secunia.com/advisories/29636 http://security.gentoo.org/glsa/glsa-200804-08.xml http://trac.lighttpd.net/trac/ticket/1587 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106 http://www.debian.org/security/2008/dsa-1521 http://www.lighttpd. • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information. El mod_cgi en lighttpd versión 1.4.18, envía el código fuente de los scripts CGI en lugar de un error 500 cuando ocurre un fallo de bifurcación, lo que podría permitir a los atacantes remotos obtener información confidencial. • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://secunia.com/advisories/29209 http://secunia.com/advisories/29235 http://secunia.com/advisories/29268 http://secunia.com/advisories/29275 http://secunia.com/advisories/29318 http://secunia.com/advisories/29622 http://security.gentoo.org/glsa/glsa-200803-10.xml http://trac.lighttpd.net/trac/changeset/2107 http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0106 http://www.debian.org/security/2008/d • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 5.0EPSS: 9%CPEs: 12EXPL: 0

lighttpd 1.4.18, and possibly other versions before 1.5.0, does not properly calculate the size of a file descriptor array, which allows remote attackers to cause a denial of service (crash) via a large number of connections, which triggers an out-of-bounds access. lighttpd 1.4.18 y posiblemente otras versiones anteriores a la 1.5.0, no calcula correctamente el tamaño del array descriptor de archivos, lo que permite a atacantes remotos provocar una denegación de servicio (caída) a través de un gran número de conexiones, lo cual dispara un acceso fuera de límite. • http://lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.html http://secunia.com/advisories/29066 http://secunia.com/advisories/29166 http://secunia.com/advisories/29209 http://secunia.com/advisories/29268 http://secunia.com/advisories/29622 http://secunia.com/advisories/31104 http://security.gentoo.org/glsa/glsa-200803-10.xml http://trac.lighttpd.net/trac/ticket/1562 http://wiki.rpath.com/Advisories:rPSA-2008-0084 http://www.debian.org/security/2008/dsa-1609&# • CWE-399: Resource Management Errors •

CVSS: 6.8EPSS: 29%CPEs: 1EXPL: 0

Buffer overflow in the fcgi_env_add function in mod_proxy_backend_fastcgi.c in the mod_fastcgi extension in lighttpd before 1.4.18 allows remote attackers to overwrite arbitrary CGI variables and execute arbitrary code via an HTTP request with a long content length, as demonstrated by overwriting the SCRIPT_FILENAME variable, aka a "header overflow." Desbordamiento de búfer en la función fcgi_env_add de mod_proxy_backend_fastcgi.c en la extensión mod_fastcgi en lighttpd anterior a 1.4.18 permite a atacantes remotos sobrescribir variables CGI de su elección y ejecutar código de su elección mediante una petición HTTP con una longitud de contenido larga, como se ha demostrado sobrescribiendo la variable SCRIPT_FILENAME, también conocido como "desbordamiento de cabecera". • http://fedoranews.org/updates/FEDORA-2007-213.shtml http://secunia.com/advisories/26732 http://secunia.com/advisories/26794 http://secunia.com/advisories/26824 http://secunia.com/advisories/26997 http://secunia.com/advisories/27229 http://securityreason.com/securityalert/3127 http://secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability http://trac.lighttpd.net/trac/changeset/1986 http://www.gentoo.org/security/en/glsa/glsa-200709-16.xml http://www.lighttpd.net/assets/2007 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •