Get a demo
100% Signal 0% Noise Invicti Logo - The Largest Dynamic Application Security Solutions Provider In The World Get a demo
Lighttpd Inadequate Encryption Strength Vulnerability - CVE-2013-4508 - Vulnerability Database
Lighttpd

Lighttpd Inadequate Encryption Strength Vulnerability - CVE-2013-4508

High
Reference: CVE-2013-4508
NVD Link: https://nvd.nist.gov/vuln/detail/CVE-2013-4508
Title: Lighttpd Inadequate Encryption Strength Vulnerability
Overview:

lighttpd before 1.4.34 when SNI is enabled configures weak SSL ciphers which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network.