| Max CVSS | 5.0 | Min CVSS | 4.3 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2008-1531 | 4.3 |
The connection_state_machine function (connections.c) in lighttpd 1.4.19 and earlier, and 1.5.x before 1.5.0, allows remote attackers to cause a denial of service (active SSL connection loss) by triggering an SSL error, such as disconnecting before a
|
31-10-2018 - 19:23 | 27-03-2008 - 23:44 | |
| CVE-2008-1270 | 5.0 |
mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the ~nobody directory.
|
11-10-2018 - 20:31 | 10-03-2008 - 21:44 |