CVE-2021-26843

An issue was discovered in sthttpd through 2.27.1. On systems where the strcpy function is implemented with memcpy, the dedotdot function may cause a Denial-of-Service daemon crash due to overlapping memory ranges being passed to memcpy. This can triggered with an HTTP GET request for a crafted...

sthttpd 缓冲区错误漏洞

sthttpd is an improved version of thttpd, a small, simple, fast and secure HTTP server implementation that supports HTTP/1.1. A denial of service vulnerability exists in sthttpd version 2.27.1 and earlier. The vulnerability is related to a memory error in the handling of the dedotdot function in...

Heap overflow

Heap-based Buffer Overflow in the dedotdot function in libhttpd.c in sthttpd before 2.27.1 allows remote attackers to cause a denial of service daemon crash or possibly have unspecified other impact via a crafted filename...

sthttpd 'de_dotdot' function heap buffer overflow vulnerability

sthttpd is a lightweight HTTP server that supports URL-based file traffic limiting as well as support for multiple platforms such as FreeBSD, SunOS, Solaris, BSD, etc. sthttpd is an improved version of thttpd that includes an embedding feature that enables the development of web servers for...