| Field | Value |
|---|---|
| VID | 22323 |
| Severity | 30 |
| Port | 80, ... |
| Protocol | TCP |
| Class | WWW |
| Detailed Description | The relevant host is running lighttpd Web Server version 1.3.7 or earlier. lighttpd is a web server that provides an interface to external programs and allows Web applications to run in a separate chroot. lighttpd versions 1.3.7 and earlier are vulnerable to an information disclosure vulnerability caused by improper handling of control characters in the buffer_urldecode function. By sending a specially crafted URL request with a %00 (null) character appended after the file extension, a remote attacker can read the requested file's source code. Note: this check relies solely on the banner of the remote HTTP server to assess this vulnerability, so it may be a false positive. References: http://article.gmane.org/gmane.comp.web.lighttpd/1171 and http://secunia.com/advisories/14297/. Platforms affected: lighttpd versions 1.3.7 and earlier; Unix, any version; Linux, any version. |
| Recommendation | Upgrade to the latest version of lighttpd (1.3.10 or later), available from the lighttpd Download Web site at http://lighttpd.net/download/, or apply the fix for 1.3.7, available from the lighttpd Patch Web page at http://wiki.lighttpd.net/7.html#A12. For Gentoo Linux: upgrade to the latest version of lighttpd (1.3.10-r1 or later), as listed in Gentoo Linux Security Advisory GLSA 200502-21 at http://www.gentoo.org/security/en/glsa/glsa-200502-21.xml. For other distributions: contact your vendor for upgrade or patch information. |
| Related URL | CVE-2005-0453 (CVE) |
| Related URL | 12567 (SecurityFocus) |
| Related URL | 19350 (ISS) |