Oval Definition:oval:org.opensuse.security:def:20084360
Revision Date:2015-11-16Version:1
Title:CVE-2008-4360
Description:
mod_userdir in lighttpd before 1.4.20, when a case-insensitive operating system or filesystem is used, performs case-sensitive comparisons on filename components in configuration options, which might allow remote attackers to bypass intended access restrictions, as demonstrated by a request for a .PHP file when there is a configuration rule for .php files.
Family:unixClass:vulnerability
Status:Reference(s):CVE-2008-4360
Platform(s):openSUSE 10.2
openSUSE 10.3
openSUSE 11.0
openSUSE 11.1
SUSE Linux Enterprise SDK 11 GA
Product(s):
Definition Synopsis
  • Release Information
  • suse110 is installed
  • lighttpd-mod_cml less than 1.4.19-6.4
  • OR lighttpd-mod_magnet less than 1.4.19-6.4
  • OR lighttpd-mod_mysql_vhost less than 1.4.19-6.4
  • OR lighttpd-mod_rrdtool less than 1.4.19-6.4
  • OR lighttpd-mod_trigger_b4_dl less than 1.4.19-6.4
  • OR lighttpd-mod_webdav less than 1.4.19-6.4
  • OR lighttpd less than 1.4.19-6.4
  • OR
  • suse111 is installed
  • lighttpd-mod_cml less than 1.4.20-2.4.1
  • OR lighttpd-mod_magnet less than 1.4.20-2.4.1
  • OR lighttpd-mod_mysql_vhost less than 1.4.20-2.4.1
  • OR lighttpd-mod_rrdtool less than 1.4.20-2.4.1
  • OR lighttpd-mod_trigger_b4_dl less than 1.4.20-2.4.1
  • OR lighttpd-mod_webdav less than 1.4.20-2.4.1
  • OR lighttpd less than 1.4.20-2.4.1
  • OR Package Information
  • sle11-sdk is installed
  • AND
  • lighttpd-mod_cml less than 1.4.20-2.29.1
  • OR lighttpd-mod_magnet less than 1.4.20-2.29.1
  • OR lighttpd-mod_mysql_vhost less than 1.4.20-2.29.1
  • OR lighttpd-mod_rrdtool less than 1.4.20-2.29.1
  • OR lighttpd-mod_trigger_b4_dl less than 1.4.20-2.29.1
  • OR lighttpd-mod_webdav less than 1.4.20-2.29.1
  • OR lighttpd less than 1.4.20-2.29.1
  • OR Package Information
  • suse110 is installed
  • AND
  • lighttpd-mod_cml less than 1.4.19-6.2
  • OR lighttpd-mod_magnet less than 1.4.19-6.2
  • OR lighttpd-mod_mysql_vhost less than 1.4.19-6.2
  • OR lighttpd-mod_rrdtool less than 1.4.19-6.2
  • OR lighttpd-mod_trigger_b4_dl less than 1.4.19-6.2
  • OR lighttpd-mod_webdav less than 1.4.19-6.2
  • OR lighttpd less than 1.4.19-6.2
    • BACK