Summary
According to its version number, the remote version of Lighttpd is prone to an information-disclosure vulnerability.
Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
Lighttpd 1.4.23 is vulnerable
other versions may also be affected.
Solution
An update is available. Please see http://www.lighttpd.net for more information.
References
Updated on 2015-03-25
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:P/I:N/A:N
Related Vulnerabilities
- Apache Tomcat 'sort' and 'orderBy' Parameters Cross Site Scripting Vulnerabilities
- CUPS Information Disclosure Vulnerability
- Cherokee URI Directory Traversal Vulnerability and Information Disclosure Vulnerability
- IBM WebSphere Application Server JSF Application Information Disclosure Vulnerability
- IBM WebSphere Application Server JNDI information disclosure Vulnerability