2 matches found
CVE-2008-0405
CVE-2008-0405 affects HTTP File Server (HFS) and describes multiple directory traversal flaws in versions prior to 2.2c. When account names are used for log filenames, an attacker can trigger traversal with .. in the account name to create arbitrary files and directories via the / URI, and can ap...
Syhunt: HFS (HTTP File Server) Log Arbitrary File/Directory Manipulation and Denial-of-Service Vulnerabilities
Syhunt: HFS HTTP File Server Log Arbitrary File/Directory Manipulation and Denial-of-Service Vulnerabilities Advisory-ID: 200801162 Discovery Date: 1.16.2008 Release Date: 1.23.2008 Affected Applications: HFS 2.2 to and including 2.3Beta Build 174 Non-Affected Applications: HFS 2.1d and earlier...