24 matches found
EUVD-2005-3124
Malware in sbrugna...
EUVD-2001-0875
Malware in sbrugna...
EUVD-2006-1083
Malware in sbrugna...
Acme thttpd < 2.26 Multiple Vulnerabilities
According to its banner, the version of Acme thttpd server running on the remote host is prior to 2.26. It is, therefore, affected by multiple vulnerabilities : - Multiple buffer overflow conditions exist in the htpasswd utility. A local attacker can exploit these, by calling htpasswd and supplyi...
Acme thttpd Detection
Binary data acmethttpddetect.nbin...
Acme thttpd HTTP Server - Directory Traversal
source: https://www.securityfocus.com/bid/60010/info thttpd is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input. Exploiting this issue will allow an attacker to view arbitrary local files within the context of the web server. Information...
Acme thttpd Version Detection
Binary data 5555.prm...
Design/Logic Flaw
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, an...
CVE-2006-1078
Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via 1 a long command line argument and 2 a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the...
CVE-2006-1079
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, an...
CVE-2006-1079
CVE-2006-1079 concerns the htpasswd utility used by Acme thttpd (notably 2.25b) where local users can escalate privileges through shell metacharacters passed as command-line arguments to system(). Several sourced entries indicate this vulnerability exists in htpasswd and note the issue may be exp...
CVE-2006-1078
Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via 1 a long command line argument and 2 a long line in a file. NOTE: since htpasswd is normally installed as a non-setuid program, and the...
CVE-2006-1078
Concrete details found: CVE-2006-1078 concerns multiple buffer overflows in the htpasswd utility used by Acme thttpd 2.25b. The vulnerabilities allow a local attacker to gain or escalate privileges via (1) a long command-line argument and (2) a long line in a file. The advisory notes htpasswd is ...
CVE-2006-1079
htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a call to the system function. NOTE: since htpasswd is normally installed as a non-setuid program, an...
Acme thttpd < 2.26 htpasswd Utility Overflow
Binary data 3463.prm...
Acme thttpd < 2.24 CGI Test Script Symlink Arbitrary File Overwrite
Binary data 3282.prm...
CVE-2005-3124
syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file...
CVE-2005-3124
syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file...
CVE-2005-3124
syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file...
CVE-2005-3124
CVE-2005-3124 affects the syslogtocern script in Acme thttpd prior to 2.23, enabling local attackers to overwrite arbitrary files via a symlink attack on a temporary file. Public advisories (Debian DSA-883-1, SUSE, Ubuntu, OpenVAS/Nessus entries) describe insecure temporary-file handling in thttp...