Vulnerability Name: CVE-2008-4359 (CCN-45690)

Assigned:2008-09-30
Published:2008-09-30
Updated:2018-11-29
Summary:lighttpd before 1.4.20 compares URIs to patterns in the (1) url.redirect and (2) url.rewrite configuration settings before performing URL decoding, which might allow remote attackers to bypass intended access restrictions, and obtain sensitive information or possibly modify data.
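
The ordering defect in the summary (pattern match on the raw request URI, percent-decoding only afterwards when the path is resolved) is the whole vulnerability, so a tester wants a way to tell a vulnerable rule engine from a fixed one. The Python model below is added here for that purpose; it is not lighttpd's code, and the two rules in it are hypothetical stand-ins for a url.redirect and a url.rewrite entry. It routes the same request through a match-then-decode engine and a decode-then-match engine, and generates the encoded probe requests that separate them:

```python
import re
from urllib.parse import unquote

# Constructed rules in the spirit of lighttpd's url.redirect / url.rewrite
# settings (hypothetical; not the configuration of any real deployment).
# Each entry is (pattern applied to the request URI, where matches are sent).
RULES = [
    (re.compile(r"^/admin(/|$)"), "/login"),   # url.redirect-style: /admin/* goes to the login page
    (re.compile(r"^/private/"), "/denied"),    # url.rewrite-style: hide a directory
]


def route_match_before_decode(request_uri):
    """Model of the pre-1.4.20 behaviour the advisory describes: the rules see
    the raw, still percent-encoded request URI; decoding happens only afterwards,
    when the request is resolved to a filesystem path."""
    for pattern, target in RULES:
        if pattern.search(request_uri):
            return target
    return unquote(request_uri)   # no rule fired: the decoded path is served


def route_match_after_decode(request_uri):
    """Model of the corrected ordering: decode once, then apply the rules to the
    same string that will be used for path resolution."""
    decoded = unquote(request_uri)
    for pattern, target in RULES:
        if pattern.search(decoded):
            return target
    return decoded


def encoded_variants(path):
    """Probe set a tester would send: the first path segment with one alphanumeric
    character percent-encoded at a time (e.g. /admin/x -> /%61dmin/x, /a%64min/x, ...)."""
    segments = path.split("/")            # "/admin/secret" -> ["", "admin", "secret"]
    first = segments[1] if len(segments) > 1 else ""
    variants = []
    for i, ch in enumerate(first):
        if ch.isalnum():
            encoded = first[:i] + "%%%02X" % ord(ch) + first[i + 1:]
            variants.append("/" + "/".join([encoded] + segments[2:]))
    return variants


def evasions(router, protected_path):
    """Variants for which the router serves the protected path itself instead of
    the rule's target, i.e. requests that bypass the rule."""
    return [v for v in encoded_variants(protected_path)
            if router(v) == protected_path]


if __name__ == "__main__":
    target = "/admin/secret"
    print("raw-URI matching evaded by:", evasions(route_match_before_decode, target))
    print("decoded matching evaded by:", evasions(route_match_after_decode, target))
```

With the raw-URI engine every single-character encoding of the first segment (`/%61dmin/secret` and so on) slips past the `^/admin` rule and is then decoded and served as `/admin/secret`; the decode-first engine sends all of them to `/login`. The fixed engine decodes exactly once, the same number of times the path-resolution step does in this model, so a double-encoded request such as `/%2561dmin/secret` neither matches the rule nor resolves to the protected path. On a live server the equivalent check is to request the protected path once plainly and once with a character percent-encoded and compare the two responses; a differing response on an instance older than 1.4.20 (or one lacking the vendor's lighttpd-1.4.x_rewrite_redirect_decode_url.patch listed in the references) is the bypass.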
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availability (A): None
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
5.5 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availability (A): Partial
5.0 Medium (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availability (A): None
Vulnerability Type:CWE-200
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2008-4359

Source: SUSE
Type: Third Party Advisory
SUSE-SR:2008:026

Source: CCN
Type: oss-security Mailing List, Tue, 30 Sep 2008 16:55:06 +0200
Re: CVE request: lighttpd issues

Source: MLIST
Type: Mailing List
[oss-security] 20080930 Re: CVE request: lighttpd issues

Source: CCN
Type: oss-security Mailing List, Tue, 30 Sep 2008 17:03:09 +0200
Re: CVE request: lighttpd issues

Source: MLIST
Type: Mailing List
[oss-security] 20080930 Re: CVE request: lighttpd issues

Source: CCN
Type: oss-security Mailing List, Tue, 30 Sep 2008 14:25:56 -0400 (EDT)
Re: Re: CVE request: lighttpd issues

Source: MLIST
Type: Mailing List
[oss-security] 20080930 Re: Re: CVE request: lighttpd issues

Source: CCN
Type: SA32069
lighttpd Duplicate Request Headers Memory Leak Vulnerability

Source: SECUNIA
Type: Third Party Advisory
32069

Source: SECUNIA
Type: Third Party Advisory
32132

Source: SECUNIA
Type: Third Party Advisory
32480

Source: SECUNIA
Type: Third Party Advisory
32834

Source: SECUNIA
Type: Third Party Advisory
32972

Source: GENTOO
Type: Third Party Advisory
GLSA-200812-04

Source: CONFIRM
Type: Broken Link, Vendor Advisory
http://trac.lighttpd.net/trac/changeset/2278

Source: CONFIRM
Type: Broken Link, Vendor Advisory
http://trac.lighttpd.net/trac/changeset/2307

Source: CONFIRM
Type: Broken Link, Vendor Advisory
http://trac.lighttpd.net/trac/changeset/2309

Source: CONFIRM
Type: Broken Link, Vendor Advisory
http://trac.lighttpd.net/trac/changeset/2310

Source: CCN
Type: LIGHTTPD Web site: Ticket #1720
Rewrite/redirect rules and URL encoding

Source: CONFIRM
Type: Vendor Advisory
http://trac.lighttpd.net/trac/ticket/1720

Source: CONFIRM
Type: Third Party Advisory
http://wiki.rpath.com/Advisories:rPSA-2008-0309

Source: CONFIRM
Type: Third Party Advisory
http://wiki.rpath.com/wiki/Advisories:rPSA-2008-0309

Source: DEBIAN
Type: Third Party Advisory
DSA-1645

Source: DEBIAN
Type: DSA-1645
lighttpd -- various

Source: CCN
Type: GLSA-200812-04
lighttpd: Multiple vulnerabilities

Source: CCN
Type: LIGHTTPD Web site
lighttpd fly light

Source: CONFIRM
Type: Patch, Vendor Advisory
http://www.lighttpd.net/security/lighttpd-1.4.x_rewrite_redirect_decode_url.patch

Source: CCN
Type: lighttpd_sa_2008_05
Bypass rewrite/redirect rules with encoded urls

Source: CONFIRM
Type: Vendor Advisory
http://www.lighttpd.net/security/lighttpd_sa_2008_05.txt

Source: CCN
Type: OSVDB ID: 48886
lighttpd url.redirect / url.rewrite URL Decoding Remote Security Bypass

Source: BUGTRAQ
Type: Third Party Advisory, VDB Entry
20081030 rPSA-2008-0309-1 lighttpd

Source: BID
Type: Third Party Advisory, VDB Entry
31599

Source: CCN
Type: BID-31599
Lighttpd URI Rewrite/Redirect Information Disclosure Vulnerability

Source: VUPEN
Type: Third Party Advisory
ADV-2008-2741

Source: XF
Type: Third Party Advisory, VDB Entry
lighttpd-urlredirect-rewrite-info-disclosure(45690)

Source: SUSE
Type: SUSE-SR:2008:026
SUSE Security Summary Report

Vulnerable Configuration:
  Configuration 1:
  • cpe:/a:lighttpd:lighttpd:*:*:*:*:*:*:*:* (Version < 1.4.20)

  Configuration 2:
  • cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

  Configuration CCN 1:
  • cpe:/a:lighttpd:lighttpd:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.6:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.0.2:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.0:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.0.3:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.9:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.7:*:*:*:*:*:*:*
  • OR cpe:/a:lighttpd:lighttpd:1.1.8:*:*:*:*:*:*:*
  AND
  • cpe:/o:gentoo:linux:*:*:*:*:*:*:*:*
  • OR cpe:/o:debian:debian_linux:4.0:*:*:*:*:*:*:*

  * Denotes that component is vulnerable

Oval Definitions (Class: V = vulnerability, P = patch):
Definition ID                            | Class | Title                                      | Last Modified
oval:org.opensuse.security:def:20084359  | V     | CVE-2008-4359                              | 2022-06-30
oval:org.opensuse.security:def:112949    | P     | lighttpd-1.4.59-2.1 on GA media (Moderate) | 2022-01-17
oval:org.opensuse.security:def:106403    | P     | lighttpd-1.4.59-2.1 on GA media (Moderate) | 2021-10-01
oval:org.mitre.oval:def:8191             | P     | DSA-1645 lighttpd -- various               | 2014-06-23
oval:org.mitre.oval:def:20257            | P     | DSA-1645-1 lighttpd - various problems     | 2014-06-23
oval:org.debian:def:1645                 | V     | various                                    | 2008-10-06