230 matches found
Gentoo Security Advisory GLSA 200701-28 (thttpd)
The remote host is missing updates announced in advisory GLSA 200701-28. OpenVAS Vulnerability Test $ Description: Auto generated from Gentoo's XML based advisory Authors: Thomas Reinke Copyright: Copyright c 2008 E-Soft Inc. http://www.securityspace.com Text descriptions are largely excerpted fr...
Gentoo Security Advisory GLSA 200701-28 (thttpd)
The remote host is missing updates announced in advisory GLSA 200701-28. SPDX-FileCopyrightText: 2008 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bypass Vulnerabilities AXESSTEL
Bboyhacks bboyhacksatgmail.com AXESS.TEL CDMA 1xEV-DO FIXED WIRELESS MODEN AXW-D800 S/W Version:D2ETH10901VEBR Jun-14-2006 Default LAN IP: 192.168.0.1 http thttpd 2.25b Security Bypass Vulnerabilities basic setup http://192.168.0.1/etc/config/System.html Network...
Debian Security Advisory DSA 1205-2 (thttpd)
The remote host is missing an update to thttpd announced via advisory DSA 1205-2. Marco d'Itri discovered that thttpd, a small, fast and secure webserver, makes use of insecure temporary files when its logfiles are rotated, which might lead to a denial of service through a symlink attack. The...
Debian Security Advisory DSA 883-1 (thttpd)
The remote host is missing an update to thttpd announced via advisory DSA 883-1. Javier Fernández-Sanguino Peña from the Debian Security Audit team discovered that the syslogtocern script from thttpd, a tiny webserver, uses a temporary file insecurely, allowing a local attacker to craft a symlink...
Debian Security Advisory DSA 396-1 (thttpd)
The remote host is missing an update to thttpd announced via advisory DSA 396-1. OpenVAS Vulnerability Test $Id: deb3961.nasl 6616 2017-07-07 12:10:49Z cfischer $ Description: Auto-generated from advisory DSA 396-1 Authors: Thomas Reinke Copyright: Copyright c 2007 E-Soft Inc...
Debian: Security Advisory (DSA-883-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-396)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian: Security Advisory (DSA-1205-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2008 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
GLSA-200701-28 : thttpd: Unauthenticated remote file access
The remote host is affected by the vulnerability described in GLSA-200701-28 thttpd: Unauthenticated remote file access thttpd is vulnerable to an underlying change made to the start-stop-daemon command in the current stable Gentoo baselayout package version 1.12.6. In the new version, the...
Gentoo Linux Acme Thttpd文件访问信息泄露漏洞
Gentoo Linux是一个基于源码包的Linux系统。 Gentoo的www-servers/thttpd软件包实现上存在漏洞,远程攻击者可能利用此漏洞非授权获取敏感信息。 如果在新的Gentoo baselayout中使用start-stop-daemon命令的话,就会导致thttpd在启动时将文档根设置为系统的根目录“/”,这允许非授权用户远程访问thttpd进程可读的所有系统文件。 Gentoo Linux 1.12.6 临时解决方法:...
CVE-2007-0664
thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory / by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files...
Directory traversal
thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory / by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files...
CVE-2007-0664
thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory / by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files...
CVE-2007-0664
CVE-2007-0664 affects thttpd prior to 2.25b-r6 when started from the system root (/) by Gentoo baselayout 1.12.6, causing the web server root to be "/" and enabling remote attackers to read arbitrary files. The underlying change to start-stop-daemon is cited in Gentoo GLSA 200701-28 and related a...
PT-2007-2118 · Gentoo · Thttpd +1
Name of the Vulnerable Software and Affected Versions: thttpd versions prior to 2.25b-r6 Description: The issue allows remote attackers to read arbitrary files because thttpd is started from the system root directory / by the Gentoo baselayout 1.12.6 package. Recommendations: For versions prior t...
CVE-2007-0664
thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory / by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files...
[ GLSA 200701-28 ] thttpd: Unauthenticated remote file access
Gentoo Linux Security Advisory GLSA 200701-28 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - http://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity:...
thttpd information leak
If thttpd is started from system root, system root is used as web server root directory...
thttpd: Unauthenticated remote file access
Background thttpd is a webserver designed to be simple, small, and fast. Description thttpd is vulnerable to an underlying change made to the start-stop-daemon command in the current stable Gentoo baselayout package version 1.12.6. In the new version, the start-stop-daemon command performs a "chd...