| Title | Lighttpd Mod_FastCGI Request Headers Remote Header Overflow Vulnerability |
| Published | 2007-09-10-12:00AM |
| Updated | 2007-12-19-04:01PM |
| Class | Boundary Condition Error |
| CVE | CVE-2007-4727 |
| Remote | Yes |
| Local | No |
| Credit | Mattias Bengtsson <mattias@secweb.se> and Philip Olausson <po@secweb.se> discovered this issue. |
| Vulnerable | S.u.S.E. UnitedLinux 1.0; S.u.S.E. SuSE Linux Standard Server 8.0; S.u.S.E. SuSE Linux School Server for i386; S.u.S.E. SUSE LINUX Retail Solution 8.0; S.u.S.E. SuSE Linux Openexchange Server 4.0; S.u.S.E. SUSE Linux Enterprise Server 10 SP1; S.u.S.E. SUSE Linux Enterprise Server 10; S.u.S.E. SUSE Linux Enterprise Desktop 10 SP1; S.u.S.E. SUSE Linux Enterprise Desktop 10; S.u.S.E. SLE SDK 10.SP1; S.u.S.E. SLE SDK 10; S.u.S.E. openSUSE 10.3; S.u.S.E. openSUSE 10.2; S.u.S.E. OpenEnterpriseServer 0; S.u.S.E. Novell Linux POS 9; S.u.S.E. Novell Linux Desktop 9; S.u.S.E. Linux Professional 10.0 OSS; S.u.S.E. Linux Professional 10.0; S.u.S.E. Linux Professional 10.2 x86_64; S.u.S.E. Linux Professional 10.2; S.u.S.E. Linux Professional 10.1; S.u.S.E. Linux Personal 10.0 OSS; S.u.S.E. Linux Personal 10.2 x86_64; S.u.S.E. Linux Personal 10.2; S.u.S.E. Linux Personal 10.1; S.u.S.E. Linux Enterprise Server 8; S.u.S.E. Linux Enterprise Server 10.SP1; S.u.S.E. Linux Enterprise Server 10 Linux kernel 2.6.5; S.u.S.E. Linux Enterprise SDK 10; S.u.S.E. Linux Desktop 10; S.u.S.E. Linux 10.1 x8664; S.u.S.E. Linux 10.1 x86; S.u.S.E. Linux 10.1 ppc; S.u.S.E. Linux 10.0 x8664; S.u.S.E. Linux 10.0 x86; S.u.S.E. Linux 10.0 ppc; rPath rPath Linux 1; RedHat Fedora Core7 0; lighttpd lighttpd 1.4.17; lighttpd lighttpd 1.4.16; lighttpd lighttpd 1.4.15; lighttpd lighttpd 1.4.14; lighttpd lighttpd 1.4.13; lighttpd lighttpd 1.4.12; lighttpd lighttpd 1.4.11; lighttpd lighttpd 1.4.10; lighttpd lighttpd 1.4.10; lighttpd lighttpd 1.4.9; lighttpd lighttpd 1.4.8; lighttpd lighttpd 1.4.7; lighttpd lighttpd 1.4.6; lighttpd lighttpd 1.4.5; lighttpd lighttpd 1.4.4; lighttpd lighttpd 1.4.3; lighttpd lighttpd 1.4.2; lighttpd lighttpd 1.4.1; lighttpd lighttpd 1.4; lighttpd lighttpd 1.3.10; lighttpd lighttpd 1.3.8; lighttpd lighttpd 1.3.7; Gentoo Linux; Foresight Linux Foresight Linux 1.1; Debian Linux 4.0 sparc; Debian Linux 4.0 s/390; Debian Linux 4.0 powerpc; Debian Linux 4.0 mipsel; Debian Linux 4.0 mips; Debian Linux 4.0 m68k; Debian Linux 4.0 ia64; Debian Linux 4.0 ia32; Debian Linux 4.0 hppa; Debian Linux 4.0 arm; Debian Linux 4.0 amd64; Debian Linux 4.0 alpha; Debian Linux 4.0 |
| Not Vulnerable | lighttpd lighttpd 1.4.18 |
| Code | UPDATE: Core Security Technologies has developed a working commercial exploit for its CORE IMPACT product. This exploit is not otherwise publicly available or known to be circulating in the wild. The following exploits demonstrate this issue: /data/vulnerabilities/exploits/hoagie_lighttpd.c /data/vulnerabilities/exploits/lighttpd-fastcgi-remote-vulnerability.c |
Copyright 2007,
SecurityDot
Tue, 02 Dec 2008 10:32:46 +0000