SUSE CVE-2008-4360

moduserdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a...

openSUSE Security Update : lighttpd (lighttpd-1586)

This update fixes a regression caused by the last security update for CVE-2008-4360. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-1586. The text description of this plugin is C SUS...

openSUSE Security Update : lighttpd (lighttpd-1586)

This update fixes a regression caused by the last security update for CVE-2008-4360. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-1586. The text description of this plugin is C SUS...

openSUSE Security Update : lighttpd (lighttpd-309)

Various issues have been fixed in lighttpd. CVE-2008-4298, CVE-2008-4359 and CVE-2008-4360 have been assigned to thess issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-309. The...

Fedora Core 9 FEDORA-2008-11923 (lighttpd)

The remote host is missing an update to lighttpd announced via advisory FEDORA-2008-11923. Note: This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by...

Gentoo Security Advisory GLSA 200812-04 (lighttpd)

The remote host is missing updates announced in advisory GLSA 200812-04. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Gentoo Security Advisory GLSA 200812-04 (lighttpd)

The remote host is missing updates announced in advisory GLSA 200812-04. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...

openSUSE 10 Security Update : lighttpd (lighttpd-5785)

Various issues have been fixed in lighttpd. CVE-2008-4298, CVE-2008-4359 and CVE-2008-4360 have been assigned to thess issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from openSUSE Security Update lighttpd-5785. Th...

Lighttpd 'mod_userdir'大小写区分对比安全绕过漏洞

BUGTRAQ ID: 31600 CVE ID：CVE-2008-4360 CNCVE ID：CNCVE-20084360 Lighttpd是一款开放源代码的WEB服务器程序。 Lighttpd 'moduserdir'模块存在安全绕过问题，远程攻击者可以利用漏洞绕过部分安全限制，获得敏感信息。 lighttpd...

[SECURITY] [DSA-1645-1] New lighttpd packages fix various problems

------------------------------------------------------------------------ Debian Security Advisory DSA-1645-1 [email protected] http://www.debian.org/security/ Steve Kemp October 06, 2008 http://www.debian.org/security/faq -...

CVE-2008-4360

moduserdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a...

CVE-2008-4360

moduserdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a...

CVE-2008-4360

Vulnerability summary (CVE-2008-4360) Lighttpd

FreeBSD Ports: lighttpd

The remote host is missing an update to the system as announced in the referenced advisory. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...