Lucene search
K

18 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2023/04/14 2:32 p.m.69 views

Security Bulletin: Vulnerability in lighttpd affects IBM Integrated Management Module (IMM) (CVE-2015-3200)

Summary IBM Integrated Management Module IMM has addressed the following vulnerability in lighttpd. Vulnerability Details Summary IBM Integrated Management Module IMM has addressed the following vulnerability in lighttpd. Vulnerability Details: CVE-ID: CVE-2015-3200 Description: lighttpd could...

7.5CVSS7.5AI score0.09978EPSS
Exploits1
SUSE CVE
SUSE CVE
added 2023/02/15 5:19 a.m.3 views

SUSE CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.3AI score0.09978EPSS
Exploits1References5
OpenVAS
OpenVAS
added 2023/01/27 12:0 a.m.42 views

Ubuntu: Security Advisory (USN-4775-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.1408EPSS
Exploits2References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:29 a.m.30 views

Security Bulletin: Vulnerability in lighttpd affects PowerKVM (CVE-2015-3200)

Summary PowerKVM is affected by a vulnerability in lighttpd CVE-2015-3200. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2015-3200 DESCRIPTION: lighttpd could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. An attacker could...

7.5CVSS0.4AI score0.09978EPSS
Exploits1Affected Software1
OSV
OSV
added 2017/03/17 2:7 p.m.6 views

SUSE-SU-2017:0731-1 Security update for lighttpd

This update for lighttpd fixes the following issues: Security issues fixed: - CVE-2016-1000212: Don't allow requests to set the HTTPPROXY variable. As CGI apps might pick it up and use it for outgoing requests. bsc990847 - CVE-2015-3200: Log injection via malformed base64 string in Authentication...

7.5CVSS7.6AI score0.09978EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2015/10/15 12:0 a.m.22 views

Mageia: Security Advisory (MGASA-2015-0338)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.09978EPSS
Exploits1References8
OSV
OSV
added 2015/09/08 7:20 a.m.8 views

MGASA-2015-0338 Updated lighttpd packages fix CVE-2015-3200 & other bugs

Updated lighttpd packages fix security vulnerability: modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character CVE-2015-3200. The...

7.5CVSS7.8AI score0.09978EPSS
Exploits1References7
Mageia
Mageia
added 2015/09/08 7:20 a.m.57 views

Updated lighttpd packages fix CVE-2015-3200 & other bugs

Updated lighttpd packages fix security vulnerability: modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character CVE-2015-3200. The...

7.5CVSS8AI score0.09978EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2015/08/10 12:0 a.m.35 views

Fedora 22 : lighttpd-1.4.36-1.fc22 (2015-12252)

Latest upstream security release : http://www.lighttpd.net/2015/7/26/1.4.36/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS7.4AI score0.09978EPSS
Exploits1References6
Tenable Nessus
Tenable Nessus
added 2015/08/10 12:0 a.m.31 views

Fedora 21 : lighttpd-1.4.36-1.fc21 (2015-12250)

Latest upstream security release : http://www.lighttpd.net/2015/7/26/1.4.36/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

7.5CVSS7.4AI score0.09978EPSS
Exploits1References6
OpenVAS
OpenVAS
added 2015/08/08 12:0 a.m.29 views

Fedora Update for lighttpd FEDORA-2015-12250

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.09978EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/08/08 12:0 a.m.30 views

Fedora Update for lighttpd FEDORA-2015-12252

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.7AI score0.09978EPSS
Exploits1References2
OpenVAS
OpenVAS
added 2015/06/19 12:0 a.m.571 views

Lighttpd < 1.4.36 'http_auth.c' RCE Vulnerability - Linux

Lighttpd is prone to a remote code execution RCE vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...

7.5CVSS7.9AI score0.09978EPSS
Exploits1References3
OSV
OSV
added 2015/06/09 2:59 p.m.6 views

CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.5AI score0.09978EPSS
Exploits1References10
UbuntuCve
UbuntuCve
added 2015/06/09 2:59 p.m.43 views

CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.2AI score0.09978EPSS
Exploits1References3
Debian CVE
Debian CVE
added 2015/06/09 2:0 p.m.21 views

CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5CVSS7.7AI score0.09978EPSS
Exploits1
CVE
CVE
added 2015/06/09 2:0 p.m.414 views

CVE-2015-3200

The CVE-2015-3200 entry concerns lighttpd mod_auth prior to 1.4.36. A remote attacker can inject log entries via a basic-auth string without a colon, demonstrated using a NULL/newline in the string. Impact is log injection; some references note potential information exposure. Remediation exists: ...

7.5CVSS7.5AI score0.09978EPSS
Exploits1References9Affected Software1
Cvelist
Cvelist
added 2015/06/09 2:0 p.m.44 views

CVE-2015-3200

modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...

7.5AI score0.09978EPSS
Exploits1References9
Rows per page
Query Builder