exploitDog

GHSA-pcg2-3652-5c3v

Опубликовано: 01 мая 2022

Источник: github

Github: Не прошло ревью

Описание

response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.

response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.

Ссылки

EPSS

Процентиль: 73%

0.0075

Низкий

CVE ID

Связанные уязвимости

CVE-2006-0814

nvd

почти 20 лет назад

response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.

EPSS

Процентиль: 73%

0.0075

Низкий

CVE ID