mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote malicious users to obtain sensitive information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
lighttpd lighttpd 1.4.18 |