Linux Distros Unpatched Vulnerability : CVE-2018-25103

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - There exists use-after-free vulnerabilities in lighttpd = 1.4.50 request parsing which might read from invalid pointers to memory used in the same request, not...

lighttpd Security Vulnerabilities

lighttpd is an open source web server from the individual developer Jan Kneschke in Germany. A security vulnerability exists in lighttpd version 1.4.50 and earlier versions, which stems from memory reuse after release...

Lighttpd < 1.4.50 Multiple Vulnerabilities

Lighttpd is prone to multiple path traversal and use-after-free vulnerabilities. Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This progra...

lighttpd < 1.4.50 Multiple Vulnerabilities

According to its banner, the version of lighttpd running on the remote host is prior to 1.4.50. It is, therefore, affected by the following vulnerabilities according to its release notes: - An unspecified potential path traversal in modalias - An unspecified user-after-free in core - An unspecifi...

CVE-2018-19052

The CVE-2018-19052 issue affects lighttpd’s mod_alias_physical_handler (mod_alias.c): when a configured alias lacks a trailing '/' but the target path has one, there is potential directory traversal to the parent of the alias target. Public advisories confirm this vulnerability across multiple di...