18 matches found
Security Bulletin: Vulnerability in lighttpd affects IBM Integrated Management Module (IMM) (CVE-2015-3200)
Summary IBM Integrated Management Module IMM has addressed the following vulnerability in lighttpd. Vulnerability Details Summary IBM Integrated Management Module IMM has addressed the following vulnerability in lighttpd. Vulnerability Details: CVE-ID: CVE-2015-3200 Description: lighttpd could...
SUSE CVE-2015-3200
modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...
Ubuntu: Security Advisory (USN-4775-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Vulnerability in lighttpd affects PowerKVM (CVE-2015-3200)
Summary PowerKVM is affected by a vulnerability in lighttpd CVE-2015-3200. This vulnerability is now fixed. Vulnerability Details CVEID: CVE-2015-3200 DESCRIPTION: lighttpd could allow a remote attacker to bypass security restrictions, caused by the improper validation of input. An attacker could...
SUSE-SU-2017:0731-1 Security update for lighttpd
This update for lighttpd fixes the following issues: Security issues fixed: - CVE-2016-1000212: Don't allow requests to set the HTTPPROXY variable. As CGI apps might pick it up and use it for outgoing requests. bsc990847 - CVE-2015-3200: Log injection via malformed base64 string in Authentication...
Mageia: Security Advisory (MGASA-2015-0338)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
MGASA-2015-0338 Updated lighttpd packages fix CVE-2015-3200 & other bugs
Updated lighttpd packages fix security vulnerability: modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character CVE-2015-3200. The...
Updated lighttpd packages fix CVE-2015-3200 & other bugs
Updated lighttpd packages fix security vulnerability: modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character CVE-2015-3200. The...
Fedora 22 : lighttpd-1.4.36-1.fc22 (2015-12252)
Latest upstream security release : http://www.lighttpd.net/2015/7/26/1.4.36/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora 21 : lighttpd-1.4.36-1.fc21 (2015-12250)
Latest upstream security release : http://www.lighttpd.net/2015/7/26/1.4.36/ Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...
Fedora Update for lighttpd FEDORA-2015-12250
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Fedora Update for lighttpd FEDORA-2015-12252
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Lighttpd < 1.4.36 'http_auth.c' RCE Vulnerability - Linux
Lighttpd is prone to a remote code execution RCE vulnerability. Copyright C 2015 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free softwar...
CVE-2015-3200
modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...
CVE-2015-3200
modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...
CVE-2015-3200
modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...
CVE-2015-3200
The CVE-2015-3200 entry concerns lighttpd mod_auth prior to 1.4.36. A remote attacker can inject log entries via a basic-auth string without a colon, demonstrated using a NULL/newline in the string. Impact is log injection; some references note potential information exposure. Remediation exists: ...
CVE-2015-3200
modauth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character...