Vulnerabilities > Acme > Thttpd > 2.21
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-02-06 | CVE-2017-17663 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Acme Mini Httpd and Thttpd The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution. | 7.5 |
2003-11-03 | CVE-2003-0899 | Incorrect Calculation of Buffer Size vulnerability in Acme Thttpd 2.21/2.22/2.23 Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "<" and ">" sequences. | 9.8 |
2001-11-13 | CVE-2001-0892 | Exposure of Resource to Wrong Sphere vulnerability in Acme Thttpd Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /. | 5.0 |