Description

mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.

Remediation

References

CVE-2008-1111

Related Vulnerabilities

Opencart Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2020-29471)

WordPress Plugin SMS Alert Order Notifications-WooCommerce Cross-Site Scripting (3.4.6)

WebLogic CVE-2020-14639 Vulnerability (CVE-2020-14639)

Trac URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2008-2951)

WordPress Plugin WOOCS-Currency Switcher for WooCommerce Professional Cross-Site Scripting (1.3.7.2)

Severity

Medium

Classification

CVE-2008-1111 CWE-200

Tags

Missing Update Known Vulnerabilities