Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2008-1270 - Vulnerability Database
Lighttpd

Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability - CVE-2008-1270

Medium
Reference: CVE-2008-1270
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2008-1270
Title: Lighttpd Exposure of Sensitive Information to an Unauthorized Actor Vulnerability
Overview:

mod_userdir in lighttpd 1.4.18 and earlier when userdir.path is not set uses a default of HOME which might allow remote attackers to read arbitrary files as demonstrated by accessing the nobody directory.