2 matches found
CVE-2008-0407
CVE-2008-0407 affects HFS (HTTP File Server) up to version 2.2c. The vulnerability is a Username Spoofing issue where the server logs the username presented during HTTP Basic Authentication in request logs, even if authentication fails, which can mislead administrators about who actually made a r...
Syhunt: HFS (HTTP File Server) Username Spoofing and Log Forging/Injection Vulnerability
Syhunt: HFS HTTP File Server Username Spoofing and Log Forging/Injection Vulnerability Advisory-ID: 200801163 Discovery Date: 1.16.2008 Release Date: 1.23.2008 Affected Applications: HFS 1.5g to and including 2.3Beta Build 174; and possibly HFS version 1.5f Non-Affected Applications: HFS 1.5e and...