Ubuntu 16.04 ESM / 18.04 ESM : mini_httpd vulnerability (USN-4848-1)

The remote Ubuntu 16.04 ESM / 18.04 ESM host has a package installed that is affected by a vulnerability as referenced in the USN-4848-1 advisory. It was discovered that ACME minihttpd did not properly handle HTTP GET requests with empty headers. A remote attacker could use this vulnerability to...

mini_httpd 1.18 - HTTP Request Escape Sequence Terminal Command Injection

source: https://www.securityfocus.com/bid/37714/info Acme 'thttpd' and 'minihttpd' are prone to a command-injection vulnerability because they fail to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. This issue...

mini_httpd 1.18 - HTTP Request Escape Sequence Terminal Command Injection

minihttpd 1.18 - HTTP Request Escape Sequence Terminal Command Injection source: https://www.securityfocus.com/bid/37714/info Acme 'thttpd' and 'minihttpd' are prone to a command-injection vulnerability because they fail to adequately sanitize user-supplied input in logfiles. Attackers can exploi...

Cgisecurity.com Advisory #6: thttpd and mini_http Permission bypass vuln

Hello, The vendor has already sent out notices and the patches can be found on the vendors homepage listed below. - [email protected] Cgi Security Advisory 6 [email protected] Thttpd and MiniHttpd Webserver Permission Bypass Found November 2001 Public Release November 2001 Vendor Contacted...