Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acme labs thttpd vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-0664
thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Acme Labs Thttpd
7.2
CVSSv2
CVE-2006-4248
thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
Acme Labs Thttpd 2.25b
7.2
CVSSv2
CVE-2006-1078
Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setu...
Acme Labs Thttpd 2.25b
7.2
CVSSv2
CVE-2006-1079
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-s...
Acme Labs Thttpd 2.25b
2.1
CVSSv2
CVE-2005-3124
syslogtocern in Acme thttpd prior to 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.
Acme Labs Thttpd 2.21b
Acme Labs Thttpd 2.23b1
5
CVSSv2
CVE-2004-2628
Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote malicious users to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:&quo...
Acme Labs Thttpd 2.0.7 Beta 0.4
1 EDB exploit
5
CVSSv2
CVE-2002-1562
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote malicious users to read arbitrary files via .. (dot dot) sequences in the Host: header.
Acme Labs Thttpd
7.5
CVSSv2
CVE-2002-0733
Cross-site scripting vulnerability in thttpd 2.20 and previous versions allows remote malicious users to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
Acme Labs Thttpd 2.20b
1 EDB exploit
7.5
CVSSv2
CVE-2001-1496
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 up to and including 2.20 allows remote malicious users to cause a denial of service and possibly execute arbitrary code.
Acme Thttpd
7.5
CVSSv2
CVE-2000-0900
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and previous versions allows remote malicious users to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.
Acme Labs Thttpd 2.16
Acme Labs Thttpd 2.17
Acme Labs Thttpd 2.18
Acme Labs Thttpd 2.19
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »