CVE-2013-4559 in Linuxinformazioni

Riassunto

di MITRE

lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

Prenotare

12/06/2013

Divulgazione

20/11/2013

Moderazione

accettato

CPE

pronto

EPSS

0.10721

KEV

no

Attività

molto basso

Fonti

Do you want to use VulDB in your project?

Use the official API to access entries easily!