Lighttpd Trailing Slash Information Disclosure Vulnerability Network Vulnerability

Summary

According to its version number, the remote version of Lighttpd is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks. Lighttpd 1.4.23 is vulnerable other versions may also be affected.

Solution

An update is available. Please see http://www.lighttpd.net for more information.

References

http://www.securityfocus.com/bid/35097

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N

Related Vulnerabilities

Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
CUPS Information Disclosure Vulnerability
Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability
IBM WebSphere Application Server JSF Application Information Disclosure Vulnerability
IBM WebSphere Application Server JNDI information disclosure Vulnerability

Take action and discover your vulnerabilities