CVE-2008-1111

EPSS 0.99%

lighttpd - information disclosure

發布日:2008/3/4修改日:2026/4/28

也稱為:DEBIAN-CVE-2008-1111

描述

mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.

受影響套件(2)

Debian/lighttpdfrom 0, < 1.4.18-4
Debian/lighttpdfrom 0, < 1.4.13-4etch5

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2008-1111