5
CVE-2006-0814
- EPSS 10.33%
- Veröffentlicht 06.03.2006 21:02:00
- Zuletzt bearbeitet 16.06.2026 22:21:20
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
response.c in Lighttpd 1.4.10 and possibly previous versions, when run on Windows, allows remote attackers to read arbitrary source code via requests that contain trailing (1) "." (dot) and (2) space characters, which are ignored by Windows, as demonstrated by PHP files.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 10.33% | 0.951 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://secunia.com/advisories/18886
http://secunia.com/secunia_research/2006-9/advisory/
http://securityreason.com/securityalert/523
http://securitytracker.com/id?1015703
http://trac.lighttpd.net/trac/changeset/1005
http://www.osvdb.org/23542
http://www.securityfocus.com/archive/1/426446/100/0/threaded
http://www.securityfocus.com/bid/16893
http://www.vupen.com/english/advisories/2006/0782
https://exchange.xforce.ibmcloud.com/vulnerabilities/24976