CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

4 matches found

SUSE CVE•added 2023/02/15 6:11 a.m.•1 views

SUSE CVE-2007-3949

modaccess.c in lighttpd 1.4.15 ignores trailing / slash characters in the URL, which allows remote attackers to bypass url.access-deny settings...

8.3CVSS7AI score0.00608EPSS

Exploits0References4

UbuntuCve•added 2007/07/24 12:30 a.m.•23 views

CVE-2007-3949

modaccess.c in lighttpd 1.4.15 ignores trailing / slash characters in the URL, which allows remote attackers to bypass url.access-deny settings...

8.3CVSS5.9AI score0.00608EPSS

Exploits0References1

CVE•added 2007/07/24 12:0 a.m.•147 views

CVE-2007-3949

CVE-2007-3949 affects lighttpd’s mod_access.c. In lighttpd 1.4.15, trailing slash handling in URLs is ignored, enabling bypass of url.access-deny settings. Multiple sources link this with lighttpd versions prior to 1.4.16; remediation cited is to upgrade to 1.4.16 or later. Exploitation details a...

8.3CVSS6.3AI score0.00608EPSS

Exploits0References14Affected Software1