| Max CVSS | 7.5 | Min CVSS | 5.0 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-4360 | 7.5 |
mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access r
|
29-11-2018 - 15:46 | 03-10-2008 - 17:41 | |
| CVE-2008-4359 | 7.5 |
lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive inform
|
29-11-2018 - 15:46 | 03-10-2008 - 17:41 | |
| CVE-2008-4298 | 5.0 |
Memory leak in the http_request_parse function in request.c in lighttpd before 1.4.20 allows remote attackers to cause a denial of service (memory consumption) via a large number of requests with duplicate request headers.
|
11-10-2018 - 20:51 | 27-09-2008 - 10:30 |