CVE-2013-1427 in lighttpd정보

요약 (영어)

The configuration file for the FastCGI PHP support for lighthttpd before 1.4.28 on Debian GNU/Linux creates a socket file with a predictable name in /tmp, which allows local users to hijack the PHP control socket and perform unauthorized actions such as forcing the use of a different version of PHP via a symlink attack or a race condition.

예약하다

2013. 01. 26.

공개

2013. 03. 21.

엔트리

VulDB provides additional information and datapoints for this CVE:

아이디	취약성	CWE	악용	대책	CVE
8036	lighttpd Configuration Temporary Files 약한 암호화	310	높음	공식 수정	CVE-2013-1427

설명

CPE

CWE

CVSS

익스플로잇

역사

차이

연결하다

위협 인텔리전스

API JSON

API XML

API CSV

◂ 이전개요다음 ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!