2 matches found
CVE-2008-0406
CVE-2008-0406 affects HFS (HTTP File Server) prior to 2.2c, where using account names as log filenames allows a remote attacker to trigger a DoS (daemon crash) via a long account name. The issue stems from how logs are named and written when the %user% template is used; exploited input can overfl...
Syhunt: HFS (HTTP File Server) Log Arbitrary File/Directory Manipulation and Denial-of-Service Vulnerabilities
Syhunt: HFS HTTP File Server Log Arbitrary File/Directory Manipulation and Denial-of-Service Vulnerabilities Advisory-ID: 200801162 Discovery Date: 1.16.2008 Release Date: 1.23.2008 Affected Applications: HFS 2.2 to and including 2.3Beta Build 174 Non-Affected Applications: HFS 2.1d and earlier...