lighttpd Information for VU#797896

CGI web servers assign Proxy header values from client requests to internal HTTP_PROXY environment variables

Status

Affected

Vendor Statement

Mitigation of httpoxy is available in lighttpd.


Mitigation:

lighttpd <= 1.4.40 (reject requests containing "Proxy" header)