- Community Home
- >
- Welcome
- >
- Other HPE Product Questions
- >
- Who Me Too'd this topic
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
Who Me Too'd this topic
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-02-2024 09:49 AM
10-02-2024 09:49 AM
Vulnerabilities Lighttpd in the HPE OfficeConnect Switch 1820 24G J9980A
In our inspection routines we found vulnerabilities in the HPE OfficeConnect Switch 1820 24G J9980A.
vulnerabilities: Lighttpd < 1.4.35 Multiple Vulnerabilities - Active Check
Vulnerability Insight
The following flaws exist:
- mod_mysql_vhost module is not properly sanitizing user supplied input passed via the host-
name
- mod_evhost and mod_simple_vhost modules are not properly sanitizing user supplied input
via the hostname.
Vulnerability Detection Method
Sends a crafted HTTP GET request and checks the response.
Details: Lighttpd < 1.4.35 Multiple Vulnerabilities - Active Check
OID:1.3.6.1.4.1.25623.1.0.802072
Version used: 2023-02-01T10:08:40Z
References
cve: CVE-2014-2323
cve: CVE-2014-2324
I need help on how to resolve this vulnerability
Thanks