Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acme labs thttpd vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2001-1496
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 up to and including 2.20 allows remote malicious users to cause a denial of service and possibly execute arbitrary code.
Acme Thttpd
NA
CVE-2007-0664
thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Acme Labs Thttpd
NA
CVE-2006-4248
thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
Acme Labs Thttpd 2.25b
NA
CVE-2006-1078
Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setu...
Acme Labs Thttpd 2.25b
NA
CVE-2006-1079
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-s...
Acme Labs Thttpd 2.25b
NA
CVE-2005-3124
syslogtocern in Acme thttpd prior to 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.
Acme Labs Thttpd 2.21b
Acme Labs Thttpd 2.23b1
NA
CVE-2004-2628
Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote malicious users to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:&quo...
Acme Labs Thttpd 2.0.7 Beta 0.4
1 EDB exploit
NA
CVE-2002-1562
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote malicious users to read arbitrary files via .. (dot dot) sequences in the Host: header.
Acme Labs Thttpd
NA
CVE-2002-0733
Cross-site scripting vulnerability in thttpd 2.20 and previous versions allows remote malicious users to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
Acme Labs Thttpd 2.20b
1 EDB exploit
NA
CVE-2000-0900
Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and previous versions allows remote malicious users to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.
Acme Labs Thttpd 2.16
Acme Labs Thttpd 2.17
Acme Labs Thttpd 2.18
Acme Labs Thttpd 2.19
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »