Unrated severityNVD Advisory· Published Mar 4, 2008· Updated Apr 23, 2026
CVE-2008-1111
CVE-2008-1111
Description
mod_cgi in lighttpd 1.4.18 sends the source code of CGI scripts instead of a 500 error when a fork failure occurs, which might allow remote attackers to obtain sensitive information.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
19- secunia.com/advisories/29209nvdVendor Advisory
- secunia.com/advisories/29235nvdVendor Advisory
- secunia.com/advisories/29268nvdVendor Advisory
- secunia.com/advisories/29275nvdVendor Advisory
- secunia.com/advisories/29318nvdVendor Advisory
- secunia.com/advisories/29622nvdVendor Advisory
- www.vupen.com/english/advisories/2008/0763nvdVendor Advisory
- lists.opensuse.org/opensuse-security-announce/2008-04/msg00005.htmlnvd
- security.gentoo.org/glsa/glsa-200803-10.xmlnvd
- trac.lighttpd.net/trac/changeset/2107nvd
- wiki.rpath.com/wiki/Advisories:rPSA-2008-0106nvd
- www.debian.org/security/2008/dsa-1513nvd
- www.securityfocus.com/archive/1/489465/100/0/threadednvd
- www.securityfocus.com/bid/28100nvd
- bugs.gentoo.org/show_bug.cginvd
- exchange.xforce.ibmcloud.com/vulnerabilities/41008nvd
- issues.rpath.com/browse/RPL-2326nvd
- www.redhat.com/archives/fedora-package-announce/2008-March/msg00162.htmlnvd
- www.redhat.com/archives/fedora-package-announce/2008-March/msg00180.htmlnvd
News mentions
0No linked articles in our index yet.