FreeBSD : lighttpd - multiple vulnerabilities (ef0033ad-5823-11e6-80cc-001517f335e2)

This script is Copyright (C) 2016 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Lighttpd Project reports :

Security fixes for Lighttpd :

- security: encode quoting chars in HTML and XML

- security: ensure gid != 0 if server.username is set, but not

- security: disable stat_cache if server.follow-symlink =

- security: httpoxy defense: do not emit HTTP_PROXY to CGI env

See also :

Solution :

Update the affected package.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 92713 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now