CVE-2013-4559 in Linuxالمعلومات

الملخص

بحسب MITRE

lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

حجز

12/06/2013

إفشاء

20/11/2013

الاعتدال

تمت الموافقة

إدخال

VDB-65507

EPSS

0.10721

KEV

لا

النشاطات

منخفض جدًا

المصادر

Do you want to use VulDB in your project?

Use the official API to access entries easily!