Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
thttpd vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2002-1562
Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote malicious users to read arbitrary files via .. (dot dot) sequences in the Host: header.
Acme Labs Thttpd
505
VMScore
CVE-2009-4491
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote malicious users to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a termin...
Acme Thttpd 2.25
1 EDB exploit
668
VMScore
CVE-2007-0158
thttpd 2007 has buffer underflow.
Acme Thttpd 2007
755
VMScore
CVE-2002-0733
Cross-site scripting vulnerability in thttpd 2.20 and previous versions allows remote malicious users to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.
Acme Labs Thttpd 2.20b
1 EDB exploit
641
VMScore
CVE-2006-4248
thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.
Acme Labs Thttpd 2.25b
641
VMScore
CVE-2006-1078
Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and (2) a long line in a file. NOTE: since htpasswd is normally installed as a non-setu...
Acme Labs Thttpd 2.25b
641
VMScore
CVE-2006-1079
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-s...
Acme Labs Thttpd 2.25b
505
VMScore
CVE-2004-2628
Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote malicious users to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot-dot sequence ("%5C..") or (2) a drive letter (such as "C:&quo...
Acme Labs Thttpd 2.0.7 Beta 0.4
1 EDB exploit
668
VMScore
CVE-2017-17663
The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.
Acme Thttpd
Acme Mini Httpd
187
VMScore
CVE-2013-0348
thttpd.c in sthttpd prior to 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Open Source Development Team Sthttpd 2.26.3
Open Source Development Team Sthttpd 2.26
Open Source Development Team Sthttpd 2.26.1
Open Source Development Team Sthttpd 2.26.2
Open Source Development Team Sthttpd
Fedoraproject Fedora 17
Fedoraproject Fedora 18
Opensuse Opensuse 12.3
Opensuse Opensuse 12.2
Gentoo Linux
Opensuse Opensuse 13.1
Acme Thttpd 2.25
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »