HTTP: Lighttpd mod_fastcgi Extension CGI Variable Overwriting
This signature detects attempts to exploit a known vulnerability against Light HTTPD FastCGI . A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.
Extended Description
Lighttpd is prone to a remote header-overflow vulnerability because the application fails to properly bounds-check user-supplied data before copying it. An attacker may exploit this issue to overwrite PHP headers such as 'SCRIPT_FILENAME'. This may allow the attacker to execute to script code, obtain sensitive information, and launch other attacks. Exploiting this issue may also aid in the remote compromise of an affected computer. Lighttpd 1.4.17 is vulnerable; prior versions may also be affected.
Affected Products
Debian linux
References
BugTraq: 25622
CVE: CVE-2007-4727
URL: http://www.milw0rm.com/exploits/4437 http://www.secweb.se/en/advisories/lighttpd-fastcgi-remote-vulnerability/
Short Name
HTTP:LHTTPD:FCGI-HEADER-OF
Severity
Minor
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CGI CVE-2007-4727 Extension Lighttpd Overwriting Variable bid:25622 mod_fastcgi
Release Date
03/24/2023
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3724
False Positive
Unknown
Vendors
Red_hat
Suse
Gentoo
Rpath
Lighttpd
Foresight_linux
Debian
CVSS Score
6.8