Lucene search
K

16 matches found

Tenable Nessus
Tenable Nessus
added 2018/11/05 12:0 a.m.46 views

lighttpd < 1.4.35 Multiple Vulnerabilities

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.35. It is, therefore, affected by the following vulnerabilities : - A SQL injection flaw exists in the 'modmysqlvhost' module where user input passed using the hostname is not properly sanitized. A remote...

9.8CVSS10AI score0.61665EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2015/01/19 12:0 a.m.30 views

Oracle Solaris Third-Party Patch Update : lighttpd (multiple_vulnerabilities_in_lighttpd)

The remote Solaris system is missing necessary patches to address security updates : - SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323 - Multiple...

9.8CVSS8.2AI score0.61665EPSS
Exploits4References4
Tenable Nessus
Tenable Nessus
added 2014/10/12 12:0 a.m.39 views

Amazon Linux AMI : lighttpd (ALAS-2014-346)

Multiple directory traversal vulnerabilities in 1 modevhost and 2 modsimplevhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. dot dot in the host name, related to requestcheckhostname. SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35...

9.8CVSS8.3AI score0.61665EPSS
Exploits4References3
OpenVAS
OpenVAS
added 2014/04/10 12:0 a.m.38 views

SuSE Update for lighttpd openSUSE-SU-2014:0496-1 (lighttpd)

Check for the Version of lighttpd OpenVAS Vulnerability Test $Id: gbsuse201404961.nasl 8044 2017-12-08 08:32:49Z santu $ SuSE Update for lighttpd openSUSE-SU-2014:0496-1 lighttpd Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This...

7.5CVSS9.6AI score0.61665EPSS
Exploits4References1
OPENSUSE Linux
OPENSUSE Linux
added 2014/04/08 9:6 p.m.55 views

lighttpd to 1.4.35 (important)

lighttpd was updated to version 1.4.35, fixing bugs and security issues: CVE-2014-2323: SQL injection vulnerability in modmysqlvhost.c in lighttpd allowed remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname. CVE-2014-2323: Multiple directory...

7.5CVSS1AI score0.61665EPSS
Exploits4References1
OpenVAS
OpenVAS
added 2014/04/03 12:0 a.m.33 views

Fedora Update for lighttpd FEDORA-2014-3947

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.61665EPSS
Exploits4References2
OpenVAS
OpenVAS
added 2014/04/03 12:0 a.m.29 views

Fedora Update for lighttpd FEDORA-2014-3887

The remote host is missing an update for the SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.61665EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2014/03/26 12:0 a.m.43 views

Fedora 19 : lighttpd-1.4.35-1.fc19 (2014-3947)

1.4.35, fixes SA-2014-01, CVE-2014-2323, CVE-2014-2324 1 http://seclists.org/oss-sec/2014/q1/561 2 http://download.lighttpd.net/lighttpd/security/lighttpdsa201401.txt 3 http://www.lighttpd.net/2014/3/12/1.4.35/ Note that Tenable Network Security has extracted the preceding description block...

9.8CVSS7.5AI score0.61665EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2014/03/26 12:0 a.m.45 views

Fedora 20 : lighttpd-1.4.35-1.fc20 (2014-3887)

1.4.35, fixes SA-2014-01, CVE-2014-2323, CVE-2014-2324 1 http://seclists.org/oss-sec/2014/q1/561 2 http://download.lighttpd.net/lighttpd/security/lighttpdsa201401.txt 3 http://www.lighttpd.net/2014/3/12/1.4.35/ Note that Tenable Network Security has extracted the preceding description block...

9.8CVSS7.5AI score0.61665EPSS
Exploits4References8
securityvulns
securityvulns
added 2014/03/24 12:0 a.m.105 views

[SECURITY] [DSA 2877-1] lighttpd security update

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 - ------------------------------------------------------------------------- Debian Security Advisory DSA-2877-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 12, 2014 http://www.debian.org/security/faq -...

7.5CVSS2.5AI score0.61665EPSS
Exploits4
Mageia
Mageia
added 2014/03/19 5:28 p.m.48 views

Updated lighttpd package fixes security vulnerabilities

SQL injection vulnerability in lighttpd before 1.4.35 when modmysqlvhost is in use, due to insufficient validation of hostnames in HTTP requests CVE-2014-2323. Possible path traversal vulnerabilities in lighttpd before 1.4.35 when either modevhost or modsimplevhost are in use, due to insufficient...

9.8CVSS10.1AI score0.61665EPSS
Exploits4References3
UbuntuCve
UbuntuCve
added 2014/03/14 3:55 p.m.56 views

CVE-2014-2323

SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname...

9.8CVSS7.3AI score0.61665EPSS
Exploits2References3
Debian CVE
Debian CVE
added 2014/03/14 3:0 p.m.53 views

CVE-2014-2323

SQL injection vulnerability in modmysqlvhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name, related to requestcheckhostname...

9.8CVSS10AI score0.61665EPSS
Exploits2
Debian
Debian
added 2014/03/13 4:28 a.m.36 views

[SECURITY] [DSA 2877-1] lighttpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2877-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 12, 2014 http://www.debian.org/security/faq -...

7.5CVSS2.9AI score0.61665EPSS
Exploits4
Debian
Debian
added 2014/03/13 4:28 a.m.40 views

[SECURITY] [DSA 2877-1] lighttpd security update

------------------------------------------------------------------------- Debian Security Advisory DSA-2877-1 [email protected] http://www.debian.org/security/ Michael Gilbert March 12, 2014 http://www.debian.org/security/faq -...

9.8CVSS10AI score0.61665EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/03/11 12:0 a.m.21 views

Debian: Security Advisory (DSA-2877-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS9.6AI score0.61665EPSS
Exploits4References3
Rows per page
Query Builder