Acme Thttpd Secure Webserver prior to 2.22, with the chroot option enabled, allows remote malicious users to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
acme thttpd |