Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.
AV:N/AC:L/Au:N/C:P/I:N/A:N
14/03/2014
by Lighttpd
2 years ago
by Debian
2 months ago
by Contec
a year ago
by SUSE
2 years ago
by Opensuse
3 years ago
by SUSE
3 years ago