CVE-2007-3949

mod_access.c in lighttpd 1.4.15 ignores trailing / (slash) characters in the URL, which allows remote attackers to bypass url.access-deny settings.
Configurations

Configuration 1

cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*

Information

Published : 2007-07-24 12:30

Updated : 2018-10-15 09:32


NVD link : CVE-2007-3949

Mitre link : CVE-2007-3949

Products Affected
No products.