Executive Summary

Informations
Name CVE-2006-0760 First vendor Publication 2006-02-17
Vendor Cve Last vendor Modification 2024-11-21

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:H/Au:N/C:P/I:N/A:N)
Cvss Base Score 2.6 Attack Range Network
Cvss Impact Score 2.9 Attack Complexity High
Cvss Expoit Score 4.9 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

LightTPD 1.4.8 and earlier, when the web root is on a case-insensitive filesystem, allows remote attackers to bypass URL checks and obtain sensitive information via file extensions with unexpected capitalization, as demonstrated by a request for index.PHP when the configuration invokes the PHP interpreter only for ".php" names.

Original Source

Url : http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-0760

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 47

Open Source Vulnerability Database (OSVDB)

Id Description
23229 lighttpd Unexpected Capitalization File Extension Request Source Disclosure

Lighttpd contains a flaw that may allow a malicious user to display the source code of arbitrary scripts instead of generated response. The issue is triggered when processing specially crafted HTTP requests containing file extensions with unexpected capitalization. It is possible that the flaw may allow to bypass URL checks and obtain sensitive information resulting in a loss of confidentiality.

Sources (Detail)

http://lighttpd.net/news/
http://secunia.com/advisories/18869
http://www.lighttpd.net/news/
http://www.osvdb.org/23229
http://www.vupen.com/english/advisories/2006/0550
https://exchange.xforce.ibmcloud.com/vulnerabilities/24699
Source Url

Alert History

If you want to see full details history, please login or register.
0
1
2
3
4
5
6
7
8
Date Informations
2024-11-28 23:21:02
  • Multiple Updates
2024-11-28 12:08:21
  • Multiple Updates
2021-05-04 12:03:43
  • Multiple Updates
2021-04-22 01:04:15
  • Multiple Updates
2020-05-23 00:17:26
  • Multiple Updates
2017-07-20 09:23:22
  • Multiple Updates
2016-06-28 15:37:24
  • Multiple Updates
2016-04-26 14:18:57
  • Multiple Updates
2013-05-11 10:49:34
  • Multiple Updates