Lucene search
RedhatCVELIST:CVE-2015-3200HistoryJun 09, 2015 - 2:00 p.m.
CVE-2015-3200
2015-06-0914:00:00
redhat
www.cve.org
8
mod_auth in lighttpd before 1.4.36 allows remote attackers to inject arbitrary log entries via a basic HTTP authentication string without a colon character, as demonstrated by a string containing a NULL and new line character.
References
jaanuskp.blogspot.com/2015/05/cve-2015-3200.html
lists.fedoraproject.org/pipermail/package-announce/2015-August/163223.html
lists.fedoraproject.org/pipermail/package-announce/2015-August/163286.html
redmine.lighttpd.net/issues/2646
www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
www.securityfocus.com/bid/74813
www.securitytracker.com/id/1032405
h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05247375
kc.mcafee.com/corporate/index?page=content&id=SB10310
Related
fedora
fedora
[SECURITY] Fedora 21 Update: lighttpd-1.4.36-1.fc21
2015-08-07 13:17:10
[SECURITY] Fedora 22 Update: lighttpd-1.4.36-1.fc22
2015-08-07 13:11:24
cve
cve
CVE-2015-3200
2015-06-09 14:59:01
nvd
nvd
CVE-2015-3200
2015-06-09 14:59:01
prion
prion
Design/Logic Flaw
2015-06-09 14:59:00
openvas
openvas
Fedora Update for lighttpd FEDORA-2015-12252
2015-08-08 00:00:00
Lighttpd < 1.4.36 'http_auth.c' RCE Vulnerability - Windows
2015-06-19 00:00:00
Fedora Update for lighttpd FEDORA-2015-12250
2015-08-08 00:00:00
nessus
nessus
FreeBSD : lighttpd -- Log injection vulnerability in mod_auth (dd7f29cc-3ee9-11e5-93ad-002590263bf5)
2015-08-11 00:00:00
Fedora 21 : lighttpd-1.4.36-1.fc21 (2015-12250)
2015-08-10 00:00:00
lighttpd < 1.4.36 Multiple Vulnerabilities
2018-02-06 00:00:00
ubuntucve
ubuntucve
CVE-2015-3200
2015-06-09 00:00:00
ibm
ibm
debiancve
debiancve
CVE-2015-3200
2015-06-09 14:59:01
mageia
mageia
Updated lighttpd packages fix CVE-2015-3200 & other bugs
2015-09-08 10:20:40
freebsd
freebsd
lighttpd -- Log injection vulnerability in mod_auth
2015-05-25 00:00:00
osv
osv
lighttpd vulnerabilities
2021-03-15 20:50:13
ubuntu
ubuntu
Lighttpd vulnerabilities
2021-03-15 00:00:00
kitploit
kitploit
Vision2 - Nmap's XML result parse and NVD's CPE correlation to search CVE
2017-09-08 13:30:00