
Lighttpd < 1.4.18 mod_fastcgi HTTP Request Header Overflow

Medium

Synopsis

The remote host is vulnerable to a buffer overflow.

Description

The remote host is running Lighttpd, a small web server. This version of Lighttpd is vulnerable to a buffer overflow in the 'mod_fastcgi' module. To exploit this flaw, an attacker only needs the ability to send large, malformed requests to the 'mod_fastcgi' module. Successful exploitation would result in the attacker executing arbitrary code.

Solution

Upgrade to 1.4.18 or higher.
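
A way to triage hosts against this advisory, as an added example that is not the scanner plugin's own code: it compares the version in a `Server` banner with the fixed release 1.4.18 and checks whether `mod_fastcgi` is loaded in the configuration. The function names, result labels and sample inputs are assumptions made for this example.

```python
import re

FIXED = (1, 4, 18)  # first fixed release, per the Solution above

def parse_version(banner):
    """Return (major, minor, patch) from a 'lighttpd/x.y.z' banner, else None."""
    m = re.search(r"lighttpd/(\d+)\.(\d+)\.(\d+)", banner, re.IGNORECASE)
    return tuple(int(g) for g in m.groups()) if m else None

def fastcgi_enabled(conf_text):
    """True if "mod_fastcgi" is listed in an uncommented server.modules entry."""
    # Drop '#' comments first: module lists often keep unused modules commented out.
    text = "\n".join(ln.split("#", 1)[0] for ln in conf_text.splitlines())
    lists = re.findall(r"server\.modules\s*\+?=\s*\((.*?)\)", text, re.S)
    return any('"mod_fastcgi"' in body for body in lists)

def assess(banner, conf_text):
    """Classify one host (hypothetical helper; the labels are this example's own)."""
    version = parse_version(banner)
    if version is None:
        return "unknown"       # banner hidden or altered: check the package version
    if version >= FIXED:       # integer tuples, so 1.4.9 sorts below 1.4.18
        return "fixed"
    if fastcgi_enabled(conf_text):
        return "vulnerable"    # old build with the affected module loaded
    return "outdated"          # old build, mod_fastcgi not loaded

# Constructed sample inputs, not taken from a real host.
CONF_ON = 'server.modules = (\n  "mod_access",\n  "mod_fastcgi",\n)\n'
CONF_OFF = 'server.modules = (\n  "mod_access",\n#  "mod_fastcgi",\n)\n'

if __name__ == "__main__":
    for banner, conf in [("Server: lighttpd/1.4.17", CONF_ON),
                         ("Server: lighttpd/1.4.17", CONF_OFF),
                         ("Server: lighttpd/1.4.18", CONF_ON),
                         ("Server: lighttpd", CONF_ON)]:
        print(f"{banner!r:28} -> {assess(banner, conf)}")
```

A banner only reports the upstream version string, so a distribution package with a backported fix can still be classified as vulnerable; confirm against the installed package before acting on the result.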