Lighttpd < 1.4.18 mod_fastcgi HTTP Request Header Overflow

2007-09-10T00:00:00
ID 4206.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00

Description

The remote host is running Lighttpd, a small web server. This version of Lighttpd is vulnerable to a buffer overflow via the 'mod_fastcgi' module. An attacker exploiting this flaw would only need the ability to send large, malformed requests to the 'mod_fastcgi' module. Successful exploitation would result in the attacker executing arbitrary code.

                                        