Description

mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.

Remediation

References

CVE-2008-1111

Related Vulnerabilities

WordPress Plugin WordPress Custom Settings Cross-Site Scripting (1.0)

Atlassian Confluence CVE-2020-29448 Vulnerability (CVE-2020-29448)

Piwigo Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2020-19216)

PrestaShop Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2019-19595)

WordPress Plugin Tutor LMS-eLearning and online course solution SQL Injection (1.8.2)

Severity

Medium

Classification

CVE-2008-1111 CWE-200

Tags

Missing Update Known Vulnerabilities