Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:18001
HistorySep 14, 2007 - 12:00 a.m.

[Full-disclosure] rPSA-2007-0183-1 lighttpd

2007-09-1400:00:00
vulners.com
35
JSON

rPath Security Advisory: 2007-0183-1
Published: 2007-09-14
Products: rPath Linux 1
Rating: Severe
Exposure Level Classification:
Remote System User Deterministic Unauthorized Access
Updated Versions:
lighttpd=/conary.rpath.com@rpl:devel//1/1.4.18-0.1-1

References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-4727
https://issues.rpath.com/browse/RPL-1715

Description:
Previous versions of the lighttpd package are vulnerable to a remote
Arbitrary Code Execution attack due to a header overflow in the
mod_fastcgi extension.

lighttpd is not installed by default on rPath Linux systems; only
systems customized to include lighttpd and enable mod_fastcgi are
vulnerable.

Note that the rPath Appliance Platform Agent (rAPA) does not enable
the mod_fastcgi extension, and so is not vulnerable to this attack.

Copyright 2007 rPath, Inc.
This file is distributed under the terms of the MIT License.
A copy is available at http://www.rpath.com/permanent/mit-license.html

Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Related

openvas 5
nessus 7
fedora 1
d2 1
cve 1
debiancve 1
checkpoint_advisories 1
debian 1
prion 1
securityvulns 1
gentoo 2
freebsd 1
ubuntucve 1
openvas
openvas
Fedora Update for lighttpd FEDORA-2007-2132
2009-02-27 00:00:00
FreeBSD Ports: lighttpd
2008-09-04 00:00:00
Debian Security Advisory DSA 1362-2 (lighttpd)
2008-01-17 00:00:00
nessus
nessus
FreeBSD : lighttpd -- FastCGI header overrun in mod_fastcgi (4b673ae7-5f9a-11dc-84dd-000102cc8983)
2007-09-14 00:00:00
Fedora 7 : lighttpd-1.4.18-1.fc7 (2007-2132)
2007-11-06 00:00:00
openSUSE 10 Security Update : lighttpd (lighttpd-4532)
2007-10-17 00:00:00
fedora
fedora
[SECURITY] Fedora 7 Update: lighttpd-1.4.18-1.fc7
2007-09-12 16:43:05
d2
d2
DSquare Exploit Pack: D2SEC_LIGHTTPD3
2007-09-12 19:17:00
cve
cve
CVE-2007-4727
2007-09-12 19:17:00
debiancve
debiancve
CVE-2007-4727
2007-09-12 19:17:00
checkpoint_advisories
checkpoint_advisories
Lighttpd mod_fastcgi Extension CGI Variable Overwriting (CVE-2007-4727)
2010-01-31 00:00:00
debian
debian
[SECURITY] [DSA 1362-2] New lighttpd packages fix buffer overflow
2007-10-07 15:17:55
prion
prion
Buffer overflow
2007-09-12 19:17:00
securityvulns
securityvulns
lighttpd buffer overflow
2007-09-14 00:00:00
gentoo
gentoo
Lighttpd: Buffer overflow
2007-09-27 00:00:00
PHP: Multiple vulnerabilities
2007-10-07 00:00:00
freebsd
freebsd
lighttpd -- FastCGI header overrun in mod_fastcgi
2007-09-09 00:00:00
ubuntucve
ubuntucve
CVE-2007-4727
2007-09-12 00:00:00
JSON
Related for SECURITYVULNS:DOC:18001
openvas5nessus7fedora1d21cve1debiancve1checkpoint_advisories1debian1prion1securityvulns1gentoo2freebsd1ubuntucve1