Scan for free your assets for this vulnerability
Download Mageni to scan your assets for this plus 99,432 more vulnerabilities. It is free to get started and can be installed in Windows, macOS and Linux.
Amazon Linux Local Check: alas-2016-746
Information
Severity
Severity
Family
Family
CVSSv2 Base
CVSSv2 Base
CVSSv2 Vector
CVSSv2 Vector
Solution Type
Solution Type
Created
Created
Modified
Modified
Summary
Amazon Linux Local Security Checks
Insight
Insight
It was discovered that lighttpd class did not properly protect against the HTTP_PROXY variable name clash in a CGI context. A remote attacker could possibly use this flaw to redirect HTTP requests performed by a CGI script to an attacker-controlled proxy via a malicious HTTP request.
Solution
Solution
Run yum update lighttpd to update your system.
Common Vulnerabilities and Exposures (CVE)
Know your vulnerabilities for free. Start using Mageni today.
Mageni can help you to find, assess and manage your vulnerabilities.
Get Started for Free