Lucene search
Gentoo FoundationMGASA-2016-0398HistoryNov 25, 2016 - 8:04 p.m.
Updated lighttpd packages fix security vulnerability
2016-11-2520:04:30
Gentoo Foundation
advisories.mageia.org
9
Dominic Scheirlinck and Scott Geary of Vend reported an insecure behaviour in the lighttpd web server. Lighttpd assigned Proxy header values from client requests to internal HTTP_PROXY environment variables. This could be used to carry out Man in the Middle Attacks (MIDM) or create connections to arbitrary hosts (CVE-2016-1000212).
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 5 | noarch | lighttpd | < 1.4.37-1.1 | lighttpd-1.4.37-1.1.mga5 |
Related
amazon
amazon
Important: lighttpd
2016-09-15 19:00:00
openvas
openvas
Debian Security Advisory DSA 3642-1 (lighttpd - security update)
2016-08-05 00:00:00
Fedora Update for lighttpd FEDORA-2016-07e9059072
2016-08-11 00:00:00
Fedora Update for lighttpd FEDORA-2016-9de7253cc7
2016-08-11 00:00:00
fedora
fedora
[SECURITY] Fedora 23 Update: lighttpd-1.4.41-1.fc23
2016-08-10 11:00:39
[SECURITY] Fedora 24 Update: lighttpd-1.4.41-1.fc24
2016-08-10 07:26:31
debian
debian
[SECURITY] [DSA 3642-1] lighttpd security update
2016-08-06 02:36:05
[SECURITY] [DSA 3642-1] lighttpd security update
2016-08-06 02:36:28
[SECURITY] [DLA 583-1] lighttpd security update
2016-08-03 06:05:54
nessus
nessus
Debian DSA-3642-1 : lighttpd - security update
2016-08-15 00:00:00
Amazon Linux AMI : lighttpd (ALAS-2016-746)
2016-09-16 00:00:00
Debian DLA-583-1 : lighttpd security update
2016-08-04 00:00:00
ubuntucve
ubuntucve
CVE-2016-1000212
2016-07-27 00:00:00
ibm
ibm
cve
cve
CVE-2016-1000212
2022-02-25 11:44:09
osv
osv
lighttpd - security update
2016-08-03 00:00:00
debiancve
debiancve
CVE-2016-1000212
2022-02-25 11:44:09
Related for MGASA-2016-0398