Explore top 10 tips to secure your open-source projects now. Read More

×
Alerts This Week
Warning Icon 1 488
Alerts This Week
Warning Icon 1 488

Gentoo: GLSA 200804-08 Moderate: lighttpd Issues and Security Threats

gentoo
Calendar Grey April 10, 2008
Scroller Gentoo
Enhance lighttpd to mitigate data leaks and service interruption risks in Gentoo Advisory GLSA 200804-08.
Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service.

Summary

Gentoo Linux Security Advisory GLSA 200804-08 https://security.gentoo.org/ Severity: Normal Title: lighttpd: Multiple vulnerabilities Date: April 10, 2008 Bugs: #212930, #214892 ID: 200804-08

Synopsis ======= Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service.
Background ========= lighttpd is a lightweight high-performance web server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-servers/lighttpd < 1.4.19-r2 >= 1.4.19-r2
========== Julien Cayzax discovered that an insecure default setting exists in mod_userdir in lighttpd. When userdir.path is not set the default value used is $HOME. It should be noted that the "nob...

Read the Full Advisory

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround