CVSS: 6.4EPSS: 0%CPEs: 1EXPL: 0CVE-2018-25103 – Use-after-free vulnerabilities in lighttpd <= 1.4.50
https://notcve.org/view.php?id=CVE-2018-25103
17 Jun 2024 — There exists use-after-free vulnerabilities in lighttpd <= 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not from other requests. Existe una vulnerabilidad de use-after-free en lighttpd <= 1.4.50 que puede permitir el acceso para realizar una comparación que no distinga entre mayúsculas y minúsculas con el puntero reutilizado. • https://9443417.fs1.hubspotusercontent-na1.net/hubfs/9443417/Security%20Advisories/2024/AMI-SA-2024002.pdf •
CVSS: 5.9EPSS: 2%CPEs: 3EXPL: 1CVE-2022-22707 – Ubuntu Security Notice USN-5903-1
https://notcve.org/view.php?id=CVE-2022-22707
06 Jan 2022 — In lighttpd 1.4.46 through 1.4.63, the mod_extforward_Forwarded function of the mod_extforward plugin has a stack-based buffer overflow (4 bytes representing -1), as demonstrated by remote denial of service (daemon crash) in a non-default configuration. The non-default configuration requires handling of the Forwarded header in a somewhat unusual manner. Also, a 32-bit system is much more likely to be affected than a 64-bit system. En lighttpd versiones 1.4.46 hasta 1.4.63, la función mod_extforward_Forwarde... • https://redmine.lighttpd.net/issues/3134 • CWE-787: Out-of-bounds Write •
CVSS: 9.8EPSS: 36%CPEs: 1EXPL: 1CVE-2019-11072
https://notcve.org/view.php?id=CVE-2019-11072
10 Apr 2019 — lighttpd before 1.4.54 has a signed integer overflow, which might allow remote attackers to cause a denial of service (application crash) or possibly have unspecified other impact via a malicious HTTP GET request, as demonstrated by mishandling of /%2F? in burl_normalize_2F_to_slash_fix in burl.c. NOTE: The developer states "The feature which can be abused to cause the crash is a new feature in lighttpd 1.4.50, and is not enabled by default. It must be explicitly configured in the config file (e.g. lighttpd... • http://www.securityfocus.com/bid/107907 • CWE-190: Integer Overflow or Wraparound •
CVSS: 7.5EPSS: 0%CPEs: 13EXPL: 2CVE-2018-19052
https://notcve.org/view.php?id=CVE-2018-19052
07 Nov 2018 — An issue was discovered in mod_alias_physical_handler in mod_alias.c in lighttpd before 1.4.50. There is potential ../ path traversal of a single directory above an alias target, with a specific mod_alias configuration where the matched alias lacks a trailing '/' character, but the alias target filesystem path does have a trailing '/' character. Se ha descubierto un problema en mod_alias_physical_handler en mod_alias.c en lighttpd en versiones anteriores a la 1.4.50. Hay un salto de directorio ../ de un úni... • https://github.com/iveresk/cve-2018-19052 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 1CVE-2015-3200 – HP Security Bulletin HPSBGN03638 1
https://notcve.org/view.php?id=CVE-2015-3200
09 Jun 2015 — mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character. mod_auth en lighttpd anterior a 1.4.36 permite a atacantes remotos inyectar entradas de registro largas a través de una cadena de la autenticación HTTP básica sin un caracter de dos puntos, tal y como fue demostrado por una cadena que contiene un caracter nulo y de nueva línea. Potent... • http://jaanuskp.blogspot.com/2015/05/cve-2015-3200.html • CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') •
CVSS: 7.5EPSS: 73%CPEs: 11EXPL: 3CVE-2014-2324 – HP Security Bulletin HPSBGN03191 1
https://notcve.org/view.php?id=CVE-2014-2324
13 Mar 2014 — Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname. Múltiples vulnerabilidades de salto de directorio en (1) mod_evhost y (2) mod_simple_vhost en lighttpd anterior a 1.4.35 permiten a atacantes remotos leer archivos arbitrarios a través de un .. (punto punto) en el nombre de host, relacionado con request_check_hostname. A potenti... • https://github.com/sp4c30x1/uc_httpd_exploit • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVSS: 9.8EPSS: 84%CPEs: 9EXPL: 3CVE-2014-2323 – HP Security Bulletin HPSBGN03191 1
https://notcve.org/view.php?id=CVE-2014-2323
13 Mar 2014 — SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to request_check_hostname. Vulnerabilidad de inyección SQL en mod_mysql_vhost.c en lighttpd anterior a 1.4.35 permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del nombre de host, relacionado con request_check_hostname. A potential security vulnerabilities have been identified with HP Remote Device Access: Virtual Customer Access... • https://github.com/cirocosta/lighty-sqlinj-demo • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.6EPSS: 0%CPEs: 7EXPL: 0CVE-2013-4559 – Mandriva Linux Security Advisory 2013-277
https://notcve.org/view.php?id=CVE-2013-4559
13 Nov 2013 — lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached. lighttpd anterior a la versión 1.4.33 no comprueba el valor de vuelta de (1) setuid, (2) setgid, o (3) setgroups, lo que podría causar que lighttpd se ejecute bajo adm... • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 7%CPEs: 7EXPL: 0CVE-2013-4560 – Mandriva Linux Security Advisory 2013-277
https://notcve.org/view.php?id=CVE-2013-4560
13 Nov 2013 — Use-after-free vulnerability in lighttpd before 1.4.33 allows remote attackers to cause a denial of service (segmentation fault and crash) via unspecified vectors that trigger FAMMonitorDirectory failures. Vulnerabilidad de uso después de liberación en lighttpd anterior a la versión 1.4.33 permite a atacantes remotos provocar una denegación de servicio (fallo de segmentación y caída) a través de vectores que desencadenen fallos FAMMonitorDirectory. lighttpd before 1.4.34, when SNI is enabled, configures wea... • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_03.txt • CWE-416: Use After Free •
CVSS: 7.5EPSS: 0%CPEs: 7EXPL: 1CVE-2013-4508 – Mandriva Linux Security Advisory 2013-277
https://notcve.org/view.php?id=CVE-2013-4508
08 Nov 2013 — lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network. lighttpd anteriores a 1.4.34, cuando SNI esta habilitado, configura cifrados SSL débiles, lo que hace más fácil para un atacante remoto secuestrar sesiones insertando paquetes en el flujo de datos cliente-servidor u obtener información sensible capturando la red.... • http://download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_01.txt • CWE-326: Inadequate Encryption Strength •