VULHUB ™

lighttpd is reported prone to an information disclosure vulnerability. Reports indicate that a NULL sequence appended to the filename of a CGI or FastCGI script will result in the script contents being served to the requestor. Information that is harvested by exploiting this vulnerability may be used to aid in further attacks launched against the target computer. This vulnerability is reported to affect lighttpd 1.3.7 and previous versions.

lighttpd is reported prone to an information disclosure vulnerability. Reports indicate that a NULL sequence appended to the filename of a CGI or FastCGI script will result in the script contents being served to the requestor. Information that is harvested by exploiting this vulnerability may be used to aid in further attacks launched against the target computer. This vulnerability is reported to affect lighttpd 1.3.7 and previous versions.