Описание
mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.11-3ubuntu3.5 |
| devel | not-affected | |
| edgy | released | 1.4.13~r1370-1ubuntu1.3 |
| feisty | released | 1.4.13-9ubuntu4.2 |
| gutsy | not-affected | |
| upstream | released | 1.4.16 |
Показывать по
10
Ссылки на источники
8.3 High
CVSS2
Связанные уязвимости
nvd
около 18 лет назад
mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.
debian
около 18 лет назад
mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters ...
github
больше 3 лет назад
mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.
8.3 High
CVSS2