[lighttpd] [CVE-2008-1270] arbitrary file disclosure
Bug #203459 reported by
disabled.user
This bug report is a duplicate of:
Bug #200987: CVE-2008-1270 when mod_userdir is loaded but not configured, the server's whole disk becomes remotely readable.
Edit
Remove
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| lighttpd (Ubuntu) |
New
|
Undecided
|
Unassigned | ||
Bug Description
Binary package hint: lighttpd
References:
DSA-1521-1 (http://
Quoting:
"Julien Cayzac discovered that under certain circumstances lighttpd,
a fast webserver with minimal memory footprint, might allow the reading
of arbitrary files from the system. This problem could only occur
with a non-standard configuration."
CVE References
To post a comment you must log in.
