Vulnerabilities > CVE-2006-0814 - Remote Script Disclosure vulnerability in Lighttpd

047910
CVSS 5.0 - MEDIUM
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
NONE
Availability impact
NONE
network
low complexity
lighttpd
nessus

Summary

response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.

Nessus

NASL familyWeb Servers
NASL idLIGHTTPD_SCRIPT_SOURCE_DISCLOSURE.NASL
descriptionAccording to its banner, the version of lighttpd running on the remote Windows host is prior to 1.4.10a. It is, therefore, affected by an information disclosure vulnerability due to a failure to properly validate filename extensions in URLs. A remote attacker can exploit this issue, via specially crafted requests with dot and space characters, to disclose the source of scripts hosted by the affected application. Note that Nessus has not tested for this issue but has instead relied only on the application
last seen2020-06-01
modified2020-06-02
plugin id21155
published2006-03-27
reporterThis script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof.
sourcehttps://www.tenable.com/plugins/nessus/21155
titlelighttpd on Windows < 1.4.10a Crafted Filename Request Script Source Disclosure