Vulnerabilities > Acme > Thttpd > 2.21

DATE CVE VULNERABILITY TITLE RISK
2018-02-06 CVE-2017-17663 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Acme Mini Httpd and Thttpd
The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.
network
low complexity
acme CWE-119
critical
 9.8
9.8
2003-11-03 CVE-2003-0899 Incorrect Calculation of Buffer Size vulnerability in Acme Thttpd 2.21/2.22/2.23
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "&lt;" and "&gt;" sequences.
network
low complexity
acme CWE-131
critical
 9.8
9.8