lighttpd on Windows < 1.4.10a Crafted Filename Request Script Source Disclosure

medium Nessus Plugin ID 21155

Synopsis

The remote web server is affected by an information disclosure vulnerability.

Description

According to its banner, the version of lighttpd running on the remote Windows host is prior to 1.4.10a. It is, therefore, affected by an information disclosure vulnerability due to a failure to properly validate filename extensions in URLs. A remote attacker can exploit this issue, via specially crafted requests with dot and space characters, to disclose the source of scripts hosted by the affected application.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to lighttpd for Windows version 1.4.10a or later.

See Also

https://secuniaresearch.flexerasoftware.com/secunia_research/2006-9/advisory/

Plugin Details

Severity: Medium

ID: 21155

File Name: lighttpd_script_source_disclosure.nasl

Version: 1.25

Type: remote

Family: Web Servers

Published: 3/27/2006

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.9

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 4.1

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS Score Source: CVE-2006-0814

CVSS v3

Risk Factor: Medium

Base Score: 5.3

Temporal Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Temporal Vector: CVSS:3.0/E:F/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:lighttpd:lighttpd

Required KB Items: installed_sw/lighttpd

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 3/1/2006

Exploitable With

CANVAS (D2ExploitPack)

Reference Information

CVE: CVE-2006-0814

BID: 16893