Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acme thttpd - vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2007-0158
thttpd 2007 has buffer underflow.
Acme Thttpd 2007
9.8
CVSSv3
CVE-2017-17663
The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.
Acme Thttpd
Acme Mini Httpd
9.8
CVSSv3
CVE-2003-0899
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote malicious users to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "<"...
Acme Thttpd 2.23
Acme Thttpd
2 EDB exploits
1 Github repository
9.8
CVSSv3
CVE-2001-1496
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 up to and including 2.20 allows remote malicious users to cause a denial of service and possibly execute arbitrary code.
Acme Thttpd
5.5
CVSSv3
CVE-2012-5640
thttpd has a local DoS vulnerability via specially-crafted .htpasswd files
Acme Thttpd -
NA
CVE-2013-0348
thttpd.c in sthttpd prior to 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Open Source Development Team Sthttpd 2.26.3
Open Source Development Team Sthttpd 2.26
Open Source Development Team Sthttpd 2.26.1
Open Source Development Team Sthttpd 2.26.2
Open Source Development Team Sthttpd
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Gentoo Linux
Opensuse Opensuse 13.1
Acme Thttpd 2.25
NA
CVE-2009-4491
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a termin...
Acme Thttpd 2.25
1 EDB exploit
NA
CVE-2009-4490
mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Acme Mini Httpd 1.19
1 EDB exploit
NA
CVE-2007-0664
thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Acme Labs Thttpd
NA
CVE-2006-4248
thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
Acme Labs Thttpd 2.25b
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »