This script is Copyright (C) 2009-2016 Tenable Network Security, Inc.
The remote web server is affected by an information disclosure
The version of lighttpd running on the remote host discloses the
source code of files such as PHP scripts when a '/' is appended to a
URL corresponding to a symbolic link. This vulnerability occurs only
on certain operating systems (FreeBSD, Mac OS X, and Solaris prior to
version 10 are known to be affected) and arises because of a bug in
the operating system itself in which adding a trailing slash to a
symbolic link pointing to a regular file returns the link itself.
See also :
Upgrade to lighttpd version 1.4.23 or later.
Risk factor :
Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 3.6
Public Exploit Available : true