openSUSE 10 Security Update : lighttpd (lighttpd-5107)
Medium Nessus Plugin ID 31775
SynopsisThe remote openSUSE host is missing a security update.
Description- Remote attackers were able to crash lighttpd by opening a large number of connections (CVE-2008-0983).
- A bug in mod_cgi allowed remote attackers to read cgi source files (CVE-2008-1111).
- A bug in mod_userdir allowed remote attackers to read arbitrary files (CVE-2008-1270).
SolutionUpdate the affected lighttpd packages.