oss-sec mailing list archives

Re: Re: CVE request: lighttpd issues

From: "Steven M. Christey" <coley () linus mitre org>
Date: Tue, 30 Sep 2008 14:25:56 -0400 (EDT)


On Tue, 30 Sep 2008, Christian Hoffmann wrote:

  * Unexpected behavior of url.redirect / url.rewrite config options


Use CVE-2008-4359, to be filled in later.

This is a border case in my book.

  * Information disclosure w/ mod_userdir on case-insensitive file
    systems


Use CVE-2008-4360, to be filled in later.

- Steve

Re: CVE request: lighttpd issues Christian Hoffmann (Sep 30)
- Re: CVE request: lighttpd issues Christian Hoffmann (Sep 30)
  - Re: Re: CVE request: lighttpd issues Steven M. Christey (Sep 30)