CVE-2013-4508

2013-11-08T04:47:00
ID CVE-2013-4508
Type cve
Reporter secalert@redhat.com
Modified 2021-02-26T15:11:00

Description

lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network.