lighttpd < 1.4.35 Multiple Vulnerabilities
High Nessus Plugin ID 73123
SynopsisThe remote web server is affected by multiple vulnerabilities.
DescriptionAccording to its banner, the version of lighttpd running on the remote host is prior to 1.4.35. It is, therefore, affected by the following vulnerabilities :
- A SQL injection flaw exists in the 'mod_mysql_vhost' module where user input passed using the hostname is not properly sanitized. A remote attacker can exploit this to inject or manipulate SQL queries, resulting in the manipulation or disclosure of data. (CVE-2014-2323)
- A traverse outside of restricted path flaw exists with the 'mod_evhost' and 'mod_simple_vhost' modules where user input passed using the hostname is not properly sanitized. A remote attacker can exploit this to gain access to potentially sensitive data. (CVE-2014-2324)
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number.
SolutionUpgrade to lighttpd version 1.4.35. Alternatively, apply the vendor-supplied patch.