Vulnerabilities > CVE-2006-0814 - Remote Script Disclosure vulnerability in Lighttpd
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.
Vulnerable Configurations
Nessus
NASL family | Web Servers |
NASL id | LIGHTTPD_SCRIPT_SOURCE_DISCLOSURE.NASL |
description | According to its banner, the version of lighttpd running on the remote Windows host is prior to 1.4.10a. It is, therefore, affected by an information disclosure vulnerability due to a failure to properly validate filename extensions in URLs. A remote attacker can exploit this issue, via specially crafted requests with dot and space characters, to disclose the source of scripts hosted by the affected application. Note that Nessus has not tested for this issue but has instead relied only on the application |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 21155 |
published | 2006-03-27 |
reporter | This script is Copyright (C) 2018 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/21155 |
title | lighttpd on Windows < 1.4.10a Crafted Filename Request Script Source Disclosure |
References
- http://secunia.com/advisories/18886
- http://secunia.com/secunia_research/2006-9/advisory/
- http://securityreason.com/securityalert/523
- http://securitytracker.com/id?1015703
- http://trac.lighttpd.net/trac/changeset/1005
- http://www.osvdb.org/23542
- http://www.securityfocus.com/archive/1/426446/100/0/threaded
- http://www.securityfocus.com/bid/16893
- http://www.vupen.com/english/advisories/2006/0782
- https://exchange.xforce.ibmcloud.com/vulnerabilities/24976