Alerts This Week
Warning Icon 1 914
Alerts This Week
Warning Icon 1 914

Gentoo: GLSA 200804-08 Moderate: lighttpd Issues and Security Threats

gentoo
Calendar Grey April 10, 2008
Dist Gentoo Esm H88
Enhance lighttpd to mitigate data leaks and service interruption risks in Gentoo Advisory GLSA 200804-08.
Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service.

Summary

Gentoo Linux Security Advisory GLSA 200804-08 https://security.gentoo.org/ Severity: Normal Title: lighttpd: Multiple vulnerabilities Date: April 10, 2008 Bugs: #212930, #214892 ID: 200804-08

Synopsis ======= Multiple vulnerabilities in lighttpd may lead to information disclosure or a Denial of Service.
Background ========= lighttpd is a lightweight high-performance web server.
Affected packages ================ ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 www-servers/lighttpd < 1.4.19-r2 >= 1.4.19-r2
========== Julien Cayzax discovered that an insecure default setting exists in mod_userdir in lighttpd. When userdir.path is not set the default value used is $HOME. It should be noted that the "nob...

Read the Full Advisory

Topics%20covered

Topics Covered

security advisory gentoo software update information disclosure Denial of Service lighttpd

Resolution

References

Availability

style>.gentoo_availability{display:block;}

Concerns

Topics%20covered

Topics Covered

security advisory gentoo software update information disclosure Denial of Service lighttpd

Synopsis

Background

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Affected Packages

Impact

Workaround

Your message here