Описание
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1.4.11-3ubuntu3.7 |
| devel | released | 1.4.18-1ubuntu5 |
| edgy | released | 1.4.13~r1370-1ubuntu1.5 |
| feisty | released | 1.4.13-9ubuntu4.4 |
| gutsy | released | 1.4.18-1ubuntu1.2 |
| upstream | needs-triage |
Показывать по
10
Ссылки на источники
EPSS
Процентиль: 74%
0.00867
Низкий
5 Medium
CVSS2
Связанные уязвимости
nvd
больше 17 лет назад
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
debian
больше 17 лет назад
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instea ...
github
больше 3 лет назад
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
EPSS
Процентиль: 74%
0.00867
Низкий
5 Medium
CVSS2