mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2008-03-04T23:00:00
Updated: 2024-08-07T08:08:57.337Z
Reserved: 2008-03-02T00:00:00
Link: CVE-2008-1111
Vulnrichment
No data.
NVD
Status : Modified
Published: 2008-03-04T23:44:00.000
Modified: 2018-10-11T20:29:41.773
Link: CVE-2008-1111
Redhat
No data.