CVE-2013-4508 (debian_linux, lighttpd, opensuse)

lighttpd before 1.4.34, when SNI is enabled, configures weak SSL ciphers, which makes it easier for remote attackers to hijack sessions by inserting packets into the client-server data stream or obtain sensitive information by sniffing the network.

View Full Alert

Leave a Reply