thttpd prior to 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote malicious users to read arbitrary files.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
acme labs thttpd |