2 matches found
thttpd buffer overflow vulnerability
thttpd is a lightweight open source web server from ACME Labs. A buffer overflow vulnerability exists in thttpd version 2007. The vulnerability stems from a web system or product performing operations in memory without properly validating data boundaries, resulting in incorrect read and write...
thttpd ssi Servlet Encoded Traversal Arbitrary File Access
The version of thttpd running on the remote host comes with a CGI script, 'ssi', that fails to completely sanitize its PATHTRANSLATED argument of encoded directory sequences. An unauthenticated, remote attacker can use this issue to read arbitrary files on the remote host, subject to the privileg...