Debian update for lighttpd - Secunia Advisories - Vulnerability Intelligence

Debian update for lighttpd
Secunia Advisory:	SA29275	Advisory Toolbox: Issue ticket Save in to-do list Mark as handled Exploit information Download as PDF Review actions Add comment
Release Date:	2008-03-07
Popularity:	3,920 views

Critical:	Less critical
Impact:	Exposure of system information Exposure of sensitive information
Where:	From remote
Solution Status:	Vendor Patch

OS:	Debian GNU/Linux 4.0 Debian GNU/Linux unstable alias sid

Subscribe:	Instant alerts on relevant vulnerabilities

CVE reference:	CVE-2008-1111

Description: Debian has issued an update for lighttpd. This fixes a vulnerability, which can be exploited by malicious people to disclose potentially sensitive information. For more information: SA29235 Solution: Apply updated packages. -- Debian GNU/Linux 4.0 alias etch -- Source archives: http://security.debian.org/pool/updat...ghttpd/lighttpd_1.4.13-4etch5.diff.gz Size/MD5 checksum:36835 fa55bbf4bf1b9a555cc4b7b368a059f6 http://security.debian.org/pool/updat.../lighttpd/lighttpd_1.4.13.orig.tar.gz Size/MD5 checksum: 793309 3a64323b8482b0e8a6246dbfdb4c39dc http://security.debian.org/pool/updat...l/lighttpd/lighttpd_1.4.13-4etch5.dsc Size/MD5 checksum: 1098 52f5881ec943188d8276c600902c84f5 Architecture independent packages: http://security.debian.org/pool/updat...pd/lighttpd-doc_1.4.13-4etch5_all.deb Size/MD5 checksum:99430 b13f37c0c8b55e145e6f823d5dd82dee alpha architecture (DEC Alpha) http://security.debian.org/pool/updat...pd-mod-webdav_1.4.13-4etch5_alpha.deb Size/MD5 checksum:71646 3d0308407b0b089bb8d8a215503f20d8 http://security.debian.org/pool/updat...d-mysql-vhost_1.4.13-4etch5_alpha.deb Size/MD5 checksum:59412 cf3dc4218076b66d5fb04e40cb6e6a03 http://security.debian.org/pool/updat...httpd-mod-cml_1.4.13-4etch5_alpha.deb Size/MD5 checksum:64832 c58a1cfc4a506351ef2425f4e4018113 http://security.debian.org/pool/updat...trigger-b4-dl_1.4.13-4etch5_alpha.deb Size/MD5 checksum:61170 0a2a5196ed776076f29fb8a85976387e http://security.debian.org/pool/updat...pd-mod-magnet_1.4.13-4etch5_alpha.deb Size/MD5 checksum:64402 58268f6c0dc00b8e0fe16f5cf93a6d86 http://security.debian.org/pool/updat...ttpd/lighttpd_1.4.13-4etch5_alpha.deb Size/MD5 checksum: 318776 55890a8afec6ff4fba50ff2e8ac4df6c amd64 architecture (AMD x86_64 (AMD64)) http://security.debian.org/pool/updat...pd-mod-webdav_1.4.13-4etch5_amd64.deb Size/MD5 checksum:69738 92677861a76629b9a3361c2c338d5bb0 http://security.debian.org/pool/updat...pd-mod-magnet_1.4.13-4etch5_amd64.deb Size/MD5 checksum:63434 98b26e827bb4c8a023239a90bfdb45a2 http://security.debian.org/pool/updat...trigger-b4-dl_1.4.13-4etch5_amd64.deb Size/MD5 checksum:60586 a3c573b8d1f921fb93fd28e33ee86d4f http://security.debian.org/pool/updat...d-mysql-vhost_1.4.13-4etch5_amd64.deb Size/MD5 checksum:58994 de8951a3316888b5874f3b3ee0abe755 http://security.debian.org/pool/updat...httpd-mod-cml_1.4.13-4etch5_amd64.deb Size/MD5 checksum:63726 0ca9bf4df2ca8260495146011e6d3a53 http://security.debian.org/pool/updat...ttpd/lighttpd_1.4.13-4etch5_amd64.deb Size/MD5 checksum: 297048 a12c33257671acdd291f41b7b7f8c64d arm architecture (ARM) http://security.debian.org/pool/updat...ghttpd/lighttpd_1.4.13-4etch5_arm.deb Size/MD5 checksum: 286092 3821f3f07c614ccf1a98cdec79301a18 http://security.debian.org/pool/updat...mod-mysql-vhost_1.4.13-4etch5_arm.deb Size/MD5 checksum:58528 1e3e7f75c172bb082c7b083110194c9f http://security.debian.org/pool/updat...d-trigger-b4-dl_1.4.13-4etch5_arm.deb Size/MD5 checksum:60664 489518ec1610f510562a1d0a2dfcb940 http://security.debian.org/pool/updat...ttpd-mod-webdav_1.4.13-4etch5_arm.deb Size/MD5 checksum:69414 41096405646828e7a63a6e4b208d5497 http://security.debian.org/pool/updat...ighttpd-mod-cml_1.4.13-4etch5_arm.deb Size/MD5 checksum:62916 e74d042125f02400c48f2763d34e6d9a http://security.debian.org/pool/updat...ttpd-mod-magnet_1.4.13-4etch5_arm.deb Size/MD5 checksum:62718 3d19c37366365f0e7f3ee06da00df623 hppa architecture (HP PA RISC) http://security.debian.org/pool/updat...httpd/lighttpd_1.4.13-4etch5_hppa.deb Size/MD5 checksum: 324114 f8cc861ec3e948179387ee31f6f9f3b4 http://security.debian.org/pool/updat...-trigger-b4-dl_1.4.13-4etch5_hppa.deb Size/MD5 checksum:61616 fe5f56af17823da3ef58b9a0b8e6d298 http://security.debian.org/pool/updat...tpd-mod-webdav_1.4.13-4etch5_hppa.deb Size/MD5 checksum:72826 517acc9044c0d82adea99c3d1ca1f0cc http://security.debian.org/pool/updat...tpd-mod-magnet_1.4.13-4etch5_hppa.deb Size/MD5 checksum:64824 81bd6d5482ce8a3c5179edeecfd08346 http://security.debian.org/pool/updat...od-mysql-vhost_1.4.13-4etch5_hppa.deb Size/MD5 checksum:59764 5d3f99e779ef096348b6749e4c809ba4 http://security.debian.org/pool/updat...ghttpd-mod-cml_1.4.13-4etch5_hppa.deb Size/MD5 checksum:65288 bdd83e24259d7f2922c3a95b8293b36c i386 architecture (Intel ia32) http://security.debian.org/pool/updat...od-mysql-vhost_1.4.13-4etch5_i386.deb Size/MD5 checksum:58916 caed74881673974288bbc290b3ba3479 http://security.debian.org/pool/updat...ghttpd-mod-cml_1.4.13-4etch5_i386.deb Size/MD5 checksum:63722 5363ca45b9753e937fa011b163e2f376 http://security.debian.org/pool/updat...tpd-mod-magnet_1.4.13-4etch5_i386.deb Size/MD5 checksum:63530 dda93744e3b76dd8f9e4a3dba20ca07a http://security.debian.org/pool/updat...-trigger-b4-dl_1.4.13-4etch5_i386.deb Size/MD5 checksum:60684 fb1d5f0bcbabae22f148425b4c42fae5 http://security.debian.org/pool/updat...tpd-mod-webdav_1.4.13-4etch5_i386.deb Size/MD5 checksum:70772 73b0ecdcafb617bf8e2e442f1886d9b0 http://security.debian.org/pool/updat...httpd/lighttpd_1.4.13-4etch5_i386.deb Size/MD5 checksum: 288902 30283b07cea3f0a26dc1a38b839f2807 ia64 architecture (Intel ia64) http://security.debian.org/pool/updat...httpd/lighttpd_1.4.13-4etch5_ia64.deb Size/MD5 checksum: 403296 6c366b8fed9ff23f19aaf50a66931a69 http://security.debian.org/pool/updat...-trigger-b4-dl_1.4.13-4etch5_ia64.deb Size/MD5 checksum:62884 0ccb5f79ae50fbc9967b7af053ff0e76 http://security.debian.org/pool/updat...od-mysql-vhost_1.4.13-4etch5_ia64.deb Size/MD5 checksum:61006 84f8efd4a34a05253e02aae4ad9e666a http://security.debian.org/pool/updat...tpd-mod-magnet_1.4.13-4etch5_ia64.deb Size/MD5 checksum:67184 3bd3cb49438d49c70436d106f97de40d http://security.debian.org/pool/updat...tpd-mod-webdav_1.4.13-4etch5_ia64.deb Size/MD5 checksum:76888 b5d4d899efb03134815b04b570bb8174 http://security.debian.org/pool/updat...ghttpd-mod-cml_1.4.13-4etch5_ia64.deb Size/MD5 checksum:67326 c3301e3405ea81adbcbfdb25e9175df6 mips architecture (MIPS (Big Endian)) http://security.debian.org/pool/updat...httpd/lighttpd_1.4.13-4etch5_mips.deb Size/MD5 checksum: 295944 7f5edffb4a6fa10cf0d57353d04939bc http://security.debian.org/pool/updat...od-mysql-vhost_1.4.13-4etch5_mips.deb Size/MD5 checksum:58380 8f124d373348b24428af69b411966c31 http://security.debian.org/pool/updat...-trigger-b4-dl_1.4.13-4etch5_mips.deb Size/MD5 checksum:59762 63dbb566d233a7ca46f646e6f31db643 http://security.debian.org/pool/updat...tpd-mod-webdav_1.4.13-4etch5_mips.deb Size/MD5 checksum:69048 a3002e94627fbe13a92f3750767ff833 http://security.debian.org/pool/updat...ghttpd-mod-cml_1.4.13-4etch5_mips.deb Size/MD5 checksum:62456 4b933ff37574e18d94b518d2dd1ddce1 http://security.debian.org/pool/updat...tpd-mod-magnet_1.4.13-4etch5_mips.deb Size/MD5 checksum:62340 c62744ec6d7a84e13cda39089fc2cc40 mipsel architecture (MIPS (Little Endian)) http://security.debian.org/pool/updat...d-mod-webdav_1.4.13-4etch5_mipsel.deb Size/MD5 checksum:69848 b01bc2ff253e183ccf000765acb86f81 http://security.debian.org/pool/updat...rigger-b4-dl_1.4.13-4etch5_mipsel.deb Size/MD5 checksum:60592 5aa70a480157629fc6caa35309371236 http://security.debian.org/pool/updat...d-mod-magnet_1.4.13-4etch5_mipsel.deb Size/MD5 checksum:63194 a7d0666adf203cfc8a3089b7b27e7d27 http://security.debian.org/pool/updat...-mysql-vhost_1.4.13-4etch5_mipsel.deb Size/MD5 checksum:59104 1d57b007782bbb3116113b418aa4d7c7 http://security.debian.org/pool/updat...tpd/lighttpd_1.4.13-4etch5_mipsel.deb Size/MD5 checksum: 297028 96a183bd09c3ecee7899fa322a3d249f http://security.debian.org/pool/updat...ttpd-mod-cml_1.4.13-4etch5_mipsel.deb Size/MD5 checksum:63370 b1f2124c09cfce63f77814bdfaf89ec6 powerpc architecture (PowerPC) http://security.debian.org/pool/updat...tpd-mod-cml_1.4.13-4etch5_powerpc.deb Size/MD5 checksum:65218 22aa056a61b992c613453c4e42a18931 http://security.debian.org/pool/updat...-mod-magnet_1.4.13-4etch5_powerpc.deb Size/MD5 checksum:64942 0a52051cdf863e7f4d07a784e9b999a6 http://security.debian.org/pool/updat...-mod-webdav_1.4.13-4etch5_powerpc.deb Size/MD5 checksum:71590 497c515d7d21d17b47938bb3ca62c98a http://security.debian.org/pool/updat...pd/lighttpd_1.4.13-4etch5_powerpc.deb Size/MD5 checksum: 323626 5d902bf2d0dad086610eed1a3ef399ff http://security.debian.org/pool/updat...igger-b4-dl_1.4.13-4etch5_powerpc.deb Size/MD5 checksum:62298 5a6077d928a46f5412041586a79979a9 http://security.debian.org/pool/updat...mysql-vhost_1.4.13-4etch5_powerpc.deb Size/MD5 checksum:60480 e6b803329d925e756ebae8f3b8a25f61 s390 architecture (IBM S/390) http://security.debian.org/pool/updat...ghttpd-mod-cml_1.4.13-4etch5_s390.deb Size/MD5 checksum:64456 652df202c4877e31a189fdab5d73c429 http://security.debian.org/pool/updat...tpd-mod-webdav_1.4.13-4etch5_s390.deb Size/MD5 checksum:71184 6a27ce3f4965c2f45063fc6a12fc95a1 http://security.debian.org/pool/updat...tpd-mod-magnet_1.4.13-4etch5_s390.deb Size/MD5 checksum:64062 a1916058ca6929ba5ede58cd6df1c9fd http://security.debian.org/pool/updat...od-mysql-vhost_1.4.13-4etch5_s390.deb Size/MD5 checksum:59412 34187112fc60034864b8d7e4ad058010 http://security.debian.org/pool/updat...-trigger-b4-dl_1.4.13-4etch5_s390.deb Size/MD5 checksum:60908 f457bf75d0034e57a2b037e091f1e8bc http://security.debian.org/pool/updat...httpd/lighttpd_1.4.13-4etch5_s390.deb Size/MD5 checksum: 307020 9eaba4e65073194a68936c9957051597 sparc architecture (Sun SPARC/UltraSPARC) http://security.debian.org/pool/updat...pd-mod-magnet_1.4.13-4etch5_sparc.deb Size/MD5 checksum:63234 c488f5fd992c2e1bc594614259a81c6d http://security.debian.org/pool/updat...trigger-b4-dl_1.4.13-4etch5_sparc.deb Size/MD5 checksum:60348 643d00ff129a367c2f3f944ec3e9085d http://security.debian.org/pool/updat...d-mysql-vhost_1.4.13-4etch5_sparc.deb Size/MD5 checksum:58700 32e6ed5c3bec41941466a4929d1e25ab http://security.debian.org/pool/updat...ttpd/lighttpd_1.4.13-4etch5_sparc.deb Size/MD5 checksum: 283968 973579db2fff4ba527bbcfb8a78b4fb5 http://security.debian.org/pool/updat...pd-mod-webdav_1.4.13-4etch5_sparc.deb Size/MD5 checksum:69712 a5b419803f4c7fb418291327c45ce442 http://security.debian.org/pool/updat...httpd-mod-cml_1.4.13-4etch5_sparc.deb Size/MD5 checksum:63262 1748dc5be4967ff3fab5b94863e2be74 -- Debian GNU/Linux unstable alias sid -- Reportedly, the problem will be fixed soon. Original Advisory: http://www.us.debian.org/security/2008/dsa-1513 Other References: SA29235: http://secunia.com/advisories/29235/

Track this Secunia Advisory
Customers of the Secunia Vulnerability Intelligence solutions will automatically receive updates when new information regarding this advisory is released. Read more about our Vulnerability Intelligence solutions and what they can do for you and your company.

About this Secunia Advisory
Please note: The information that this Secunia Advisory is based on comes from a third party unless stated otherwise. Secunia collects, validates, and verifies all vulnerability reports issued by security research groups, vendors, and others.

Latest Advisories

10th Oct, 2008

New advisories:	15
New vulnerabilities:	83
Updated advisories:	41

Moderately // 632 views

ScriptsEz Easy Image Downloader "id" File Disclosure Vulnerability

Moderately // 627 views

Built2go Real Estate Listings "event_id" SQL Injection

Highly // 896 views

Sun Java System Web Proxy Server FTP Subsystem Buffer Overflow

Moderately // 662 views

Red Hat update for cups

Highly // 667 views

DFF PHP Framework API "DFF_config[dir_incl ude]" File Inclusion Vulnerabilities

Not // 739 views

FUJITSU Interstage Products Apache Tomcat Security Bypass

Moderately // 987 views

Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Moderately // 641 views

Fedora update for condor

Moderately // 1,020 views

CUPS Multiple Vulnerabilities

Not // 704 views

Gentoo Portage Insecure Python Module Search Path Security Issue

Solutions | More...

Send Feedback to Secunia
If you have new information regarding this Secunia advisory or a product in our database, please send it to us using either our web form or email us at vuln@secunia.com. Ideas, suggestions, and other feedback are most welcome.