Multiple directory traversal vulnerabilities in (1) modevhost and (2) modsimplevhost in lighttpd before 1.4.35 allow remote attackers to read arbitrary files via a .. (dot dot) in the host name, related to requestcheck_hostname.
{ "availability": "No subscription required", "ubuntu_priority": "medium", "binaries": [ { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-dbgsym" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-dev" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-doc" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-cml" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-cml-dbgsym" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-magnet" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-magnet-dbgsym" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-mysql-vhost" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-mysql-vhost-dbgsym" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-trigger-b4-dl" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-trigger-b4-dl-dbgsym" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-webdav" }, { "binary_version": "1.4.33-1+nmu2ubuntu2.1", "binary_name": "lighttpd-mod-webdav-dbgsym" } ] }