• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Lighttpd 'mod_cgi' Information Disclosure Vulnerability

The 'lighttpd' program is prone to a vulnerability that in certain circumstances may allow attackers to access source code because the application fails to properly handle exceptional conditions.

Attackers can exploit this vulnerability to obtain potentially sensitive information that may aid in further attacks.

This issue affects lighttpd 1.4.18; other versions may also be vulnerable.