Lighttpd < 1.4.18 mod_fastcgi HTTP Request Header Overflow

ID 4206.PRM
Type nessus
Reporter Tenable
Modified 2019-03-06T00:00:00


The remote host is running Lighttpd, a small web server. This version of Lighttpd is vulnerable to a buffer overflow via the 'mod_fastcgi' module. To exploit this flaw, an attacker needs only the ability to send large, malformed requests to the 'mod_fastcgi' module. Successful exploitation would allow the attacker to execute arbitrary code.
