5 matches found
[ASA-201802-5] sthttpd: arbitrary code execution
Arch Linux Security Advisory ASA-201802-5 ========================================= Severity: High Date : 2018-02-09 CVE-ID : CVE-2017-10671 Package : sthttpd Type : arbitrary code execution Remote : Yes Link : https://security.archlinux.org/AVG-333 Summary ======= The package sthttpd before...
CVE-2017-10671
Heap-based Buffer Overflow in the dedotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service daemon crash or possibly have unspecified other impact via a crafted filename...
CVE-2017-10671
Heap-based Buffer Overflow in the dedotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service daemon crash or possibly have unspecified other impact via a crafted filename...
CVE-2017-10671
Heap-based Buffer Overflow in the dedotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service daemon crash or possibly have unspecified other impact via a crafted filename...
CVE-2017-10671
CVE-2017-10671 affects sthttpd up to version 2.27.1. Heap-based Buffer Overflow occurs in the de_dotdot function in libhttpd.c, allowing remote attackers to cause a denial of service (daemon crash) and potentially other impact via a crafted filename. Upstream fixes are in 2.27.1 (as noted by Arch...