This script is Copyright (C) 2007-2016 Tenable Network Security, Inc.
The remote web server is affected by a buffer overflow vulnerability.
The remote web server appears to be lighttpd running with the FastCGI
module (mod_fastcgi). The version of the FastCGI module on the remote
host is affected by a buffer overflow vulnerability. A remote attacker
can exploit this, by sending a specially crafted request with a long
header, to add or replace headers passed to PHP, such as
SCRIPT_FILENAME, which in turn could result in arbitrary code
See also :
Upgrade to lighttpd version 1.4.18 or later. Alternatively, disable
the FastCGI module.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.9
Public Exploit Available : true