Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
acme thttpd vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2007-0664
thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Acme Labs Thttpd
7.5
CVSSv2
CVE-2007-0158
thttpd 2007 has buffer underflow.
Acme Thttpd 2007
7.2
CVSSv2
CVE-2006-1078
Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setu...
Acme Labs Thttpd 2.25b
7.2
CVSSv2
CVE-2006-1079
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-s...
Acme Labs Thttpd 2.25b
7.5
CVSSv2
CVE-2002-0733
Cross-site scripting vulnerability in thttpd 2.20 and previous versions allows remote malicious users to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
Acme Labs Thttpd 2.20b
1 EDB exploit
5
CVSSv2
CVE-2004-2628
Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote malicious users to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:&quo...
Acme Labs Thttpd 2.0.7 Beta 0.4
1 EDB exploit
7.2
CVSSv2
CVE-2006-4248
thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
Acme Labs Thttpd 2.25b
5
CVSSv2
CVE-2009-4490
mini_httpd 1.19 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a term...
Acme Mini Httpd 1.19
1 EDB exploit
2.1
CVSSv2
CVE-2013-0348
thttpd.c in sthttpd prior to 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Open Source Development Team Sthttpd 2.26.3
Open Source Development Team Sthttpd 2.26
Open Source Development Team Sthttpd 2.26.1
Open Source Development Team Sthttpd 2.26.2
Open Source Development Team Sthttpd
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Gentoo Linux
Opensuse Opensuse 13.1
Acme Thttpd 2.25
4.3
CVSSv2
CVE-2004-2102
Cross-site scripting (XSS) vulnerability in FREESCO 2.05, a modified version of thttpd, allows remote malicious users to inject arbitrary web script or HTML via the test parameter.
1 EDB exploit
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4671
unauthorized
CVE-2024-4776
CVE-2024-3407
CVE-2024-26026
CVE-2024-32888
wireless
CVE-2024-4656
template injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2