Lighttpd Lighttpd : Security vulnerabilities, CVEs directory traversal published in 2014

CVE-2014-2324

Multiple directory traversal vulnerabilities in (1) mod_evhost and (2) mod_simple_vhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to request_check_hostname.

Max CVSS

5.0

EPSS Score

95.62%

Published

2014-03-14

Updated

2021-02-24

1 vulnerabilities found

This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!

Accept Close

Lighttpd » Lighttpd : Security Vulnerabilities, CVEs, Published In 2014 (Directory traversal) CVSS score >= 2

CVE-2014-2324