16 matches found
lighttpd < 1.4.35 Multiple Vulnerabilities
According to its banner, the version of lighttpd running on the remote host is prior to 1.4.35. It is, therefore, affected by the following vulnerabilities : - A SQL injection flaw exists in the 'modmysqlvhost' module where user input passed using the hostname is not properly sanitized. A remote...
Oracle Solaris Third-Party Patch Update : lighttpd (multiple_vulnerabilities_in_lighttpd)
The remote Solaris system is missing necessary patches to address security updates : - SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323 - Multiple...
Amazon Linux AMI : lighttpd (ALAS-2014-346)
Multiple directory traversal vulnerabilities in 1 modevhost and 2 modsimplevhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. dot dot in the host name, related to requestcheckhostname. SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35...
SuSE Update for lighttpd openSUSE-SU-2014:0496-1 (lighttpd)
Check for the Version of lighttpd OpenVAS Vulnerability Test $Id: gbsuse201404961.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for lighttpd openSUSE-SU-2014:0496-1 lighttpd Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...
lighttpd to 1.4.35 (important)
lighttpd was updated to version 1.4.35, fixing bugs and security issues: CVE-2014-2323: SQL injection vulnerability in modmysqlvhost.c in lighttpd allowed remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323: Multiple directory...
Fedora Update for lighttpd FEDORA-2014-3947
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for lighttpd FEDORA-2014-3887
The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora 19 : lighttpd-1.4.35-1.fc19 (2014-3947)
1.4.35, fixes SA-2014-01, CVE-2014-2323, CVE-2014-2324 1 http://seclists.org/oss-sec/2014/q1/561 2 http://download.lighttpd.net/lighttpd/security/lighttpdsa201401.txt 3 http://www.lighttpd.net/2014/3/12/1.4.35/ Note that Tenable Network Security has extracted the preceding description block...
Fedora 20 : lighttpd-1.4.35-1.fc20 (2014-3887)
1.4.35, fixes SA-2014-01, CVE-2014-2323, CVE-2014-2324 1 http://seclists.org/oss-sec/2014/q1/561 2 http://download.lighttpd.net/lighttpd/security/lighttpdsa201401.txt 3 http://www.lighttpd.net/2014/3/12/1.4.35/ Note that Tenable Network Security has extracted the preceding description block...
[SECURITY] [DSA 2877-1] lighttpd security update
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2877-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 12, 2014 http://www.debian.org/security/faq -...
Updated lighttpd package fixes security vulnerabilities
SQL injection vulnerability in lighttpd before 1.4.35 when modmysqlvhost is in use, due to insufficient validation of hostnames in HTTP requests CVE-2014-2323. Possible path traversal vulnerabilities in lighttpd before 1.4.35 when either modevhost or modsimplevhost are in use, due to insufficient...
CVE-2014-2323
SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname...
CVE-2014-2323
SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname...
[SECURITY] [DSA 2877-1] lighttpd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2877-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 12, 2014 http://www.debian.org/security/faq -...
[SECURITY] [DSA 2877-1] lighttpd security update
------------------------------------------------------------------------- Debian Security Advisory DSA-2877-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 12, 2014 http://www.debian.org/security/faq -...
Debian: Security Advisory (DSA-2877-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...