Lucene search
RedhatCVELIST:CVE-2013-4559HistoryNov 19, 2013 - 7:00 p.m.
CVE-2013-4559
2013-11-1919:00:00
redhat
www.cve.org
6
lighttpd before 1.4.33 does not check the return value of the (1) setuid, (2) setgid, or (3) setgroups functions, which might cause lighttpd to run as root if it is restarted and allows remote attackers to gain privileges, as demonstrated by multiple calls to the clone function that cause setuid to fail when the user process limit is reached.
References
download.lighttpd.net/lighttpd/security/lighttpd_sa_2013_02.txt
jvn.jp/en/jp/JVN37417423/index.html
lists.opensuse.org/opensuse-updates/2014-01/msg00049.html
marc.info/?l=bugtraq&m=141576815022399&w=2
secunia.com/advisories/55682
www.openwall.com/lists/oss-security/2013/11/12/4
kc.mcafee.com/corporate/index?page=content&id=SB10310
www.debian.org/security/2013/dsa-2795
Related
cve
cve
CVE-2013-4559
2013-11-20 14:12:30
nvd
nvd
CVE-2013-4559
2013-11-20 14:12:30
debiancve
debiancve
CVE-2013-4559
2013-11-20 14:12:30
ubuntucve
ubuntucve
CVE-2013-4559
2013-11-20 00:00:00
prion
prion
Design/Logic Flaw
2013-11-20 14:12:00
osv
osv
lighttpd - several
2013-11-17 00:00:00
lighttpd-1.4.37-1.6 on GA media
2024-06-15 00:00:00
nessus
nessus
Fedora 20 : lighttpd-1.4.34-3.fc20 (2014-2495)
2014-02-24 00:00:00
Amazon Linux AMI : lighttpd (ALAS-2014-299)
2014-03-12 00:00:00
lighttpd < 1.4.34 Multiple Vulnerabilities
2014-03-05 00:00:00
debian
debian
[SECURITY] [DSA 2795-1] lighttpd security update
2013-11-13 06:11:36
[SECURITY] [DSA 2795-1] lighttpd security update
2013-11-13 06:11:36
freebsd
freebsd
lighttpd -- multiple vulnerabilities
2013-11-28 00:00:00
mageia
mageia
Updated lighttpd packages fix multiple security vulnerbilities
2013-11-21 00:36:53
securityvulns
securityvulns
lighttpd multiple security vulnerabilities
2013-11-18 00:00:00
[SECURITY] [DSA 2795-1] lighttpd security update
2013-11-18 00:00:00
openvas
openvas
Fedora Update for lighttpd FEDORA-2014-2506
2014-02-25 00:00:00
Mageia: Security Advisory (MGASA-2013-0334)
2022-01-28 00:00:00
Debian: Security Advisory (DSA-2795-1)
2013-11-16 00:00:00
fedora
fedora
[SECURITY] Fedora 19 Update: lighttpd-1.4.34-3.fc19
2014-02-22 18:18:47
[SECURITY] Fedora 20 Update: lighttpd-1.4.34-3.fc20
2014-02-22 18:22:17
amazon
amazon
Medium: lighttpd
2014-03-06 14:57:00
gentoo
gentoo
lighttpd: Multiple vulnerabilities
2014-06-13 00:00:00
jvn
jvn
JVN#37417423: Multiple vulnerabilities in SolarView Compact
2021-02-19 00:00:00