Lucene search

CVE-2014-2324

🗓️ 14 Mar 2014 15:05:55Reported by mitreType

cve🔗 web.nvd.nist.gov📰️ 5 Media mentions👁 302 Views🌐 WEB

Multiple directory traversal vulnerabilities in mod_evhost and mod_simple_vhost in lighttpd before 1.4.3

AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 44
NVD	CVE-2014-2324	14 Mar 201415:55	–	nvd
Prion	Directory traversal	14 Mar 201415:55	–	prion
seebug.org	lighttpd目录遍历漏洞	19 Mar 201400:00	–	seebug
OSV	CVE-2014-2324	14 Mar 201415:55	–	osv
OSV	DSA-2877-1 lighttpd - security update	12 Mar 201400:00	–	osv
OSV	MGASA-2014-0133 Updated lighttpd package fixes security vulnerabilities	19 Mar 201417:28	–	osv
OSV	OPENSUSE-SU-2024:10402-1 lighttpd-1.4.37-1.6 on GA media	15 Jun 202400:00	–	osv
UbuntuCve	CVE-2014-2324	14 Mar 201400:00	–	ubuntucve
Cvelist	CVE-2014-2324	14 Mar 201415:00	–	cvelist
Debian CVE	CVE-2014-2324	14 Mar 201415:55	–	debiancve

Nvd

Node

lighttpd lighttpdRange<1.4.35

Node

debian debian_linuxMatch6.0

debian debian_linuxMatch7.0

debian debian_linuxMatch8.0

Node

opensuse opensuseMatch11.4

opensuse opensuseMatch12.3

opensuse opensuseMatch13.1

suse linux_enterprise_high_availability_extensionMatch11sp3

suse linux_enterprise_software_development_kitMatch11sp3

Node

contec sv-cpt-mc310_firmwareRange<6.5

AND

contec sv-cpt-mc310Match-

Source	Link
seclists	www.seclists.org/oss-sec/2014/q1/561
lists	www.lists.opensuse.org/opensuse-security-announce/2014-04/msg00002.html
securityfocus	www.securityfocus.com/bid/66157
lists	www.lists.opensuse.org/opensuse-security-announce/2014-04/msg00006.html
lists	www.lists.opensuse.org/opensuse-security-announce/2014-03/msg00023.html
download	www.download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt
jvn	www.jvn.jp/en/jp/JVN37417423/index.html
seclists	www.seclists.org/oss-sec/2014/q1/564
marc	www.marc.info/
debian	www.debian.org/security/2014/dsa-2877

Parameter	Position	Path	Description	CWE
..	path	/mod_evhost	Directory traversal vulnerability allowing remote attackers to read arbitrary files via a .. in the host name.	CWE-22
..	path	/mod_simple_vhost	Directory traversal vulnerability allowing remote attackers to read arbitrary files via a .. in the host name.	CWE-22

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

14 Mar 2014 15:55Current

9.2High risk

Vulners AI Score9.2

CVSS25

EPSS0.78088

CWE-22