CVE-2008-4360

by Fred · 03/10/2008

mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a .PHP file when there is a configuration rule for .php files.

Date published : 2008-10-03

http://www.securityfocus.com/bid/31600

http://www.securityfocus.com/archive/1/497932/100/0/threaded

CVE-2008-4360

Similar

Recent Posts

Categories

CVE-2008-4360

Share this:

Similar

Recent Posts

Categories

Tags