57 matches found

SUSE CVE
added 2023/05/13 2:14 a.m., 3 views

SUSE CVE-2001-1013

Apache on Red Hat Linux with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server...

CVSS 5, AI score 6.9, EPSS 0.65563
Exploits 3, References 4
SUSE CVE
added 2023/02/15 6:8 a.m., 2 views

SUSE CVE-2008-1270

mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the nobody directory...

CVSS 5, AI score 6.9, EPSS 0.119
Exploits 1, References 4
SUSE CVE
added 2023/02/15 5:2 a.m., 2 views

SUSE CVE-2016-4975

Possible CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir. This issue was mitigated by changes made in 2.4.25 and 2.2.32 which prohibit CR or LF injection into the "Location" or other outbound header key or value. Fixed in Apache HTTP Server 2.4.25 Affected...

CVSS 3.9, AI score 9.1, EPSS 0.19798
Exploits 0, References 8
RedHat Linux
added 2018/07/12 4:14 p.m., 4 views

httpd: CRLF injection allowing HTTP response splitting attacks for sites which use mod_userdir

It was found that Apache was vulnerable to an HTTP response splitting attack for sites which use mod_userdir. An attacker could use this flaw to inject CRLF characters into the HTTP header and could possibly gain access to secure data...

CVSS 6.1, AI score 6.8, EPSS 0.19798
Exploits 0, References 6
RedhatCVE
added 2015/11/05 9:28 a.m., 22 views

CVE-2001-1013

Apache on Red Hat Linux with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server...

CVSS 5, AI score 7.3, EPSS 0.65563
Exploits 3, References 2
OpenVAS
added 2010/10/25 12:0 a.m., 20 views

Nmap NSE: HTTP UserDir Enum

This VT has been deprecated and is therefore no longer functional. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from (a) referenced source(s), and are Copyright (C) by the respective right holder(s). SPDX-License-Identifier: GPL-2.0-only if(description)...

AI score 7.3
Exploits 0
Nmap
added 2009/08/22 10:4 p.m., 453 views

http-userdir-enum NSE Script

Attempts to enumerate valid usernames on web servers running with the mod_userdir module or similar enabled. The Apache mod_userdir module allows user-specific directories to be accessed using the syntax. This script makes http requests in order to discover valid user-specific directories and infer...

CVSS 10, AI score 0.2, EPSS 0.99448
Exploits 36
Tenable Nessus
added 2008/09/29 12:0 a.m., 31 views

FreeBSD : lighttpd -- multiple vulnerabilities (fb911e31-8ceb-11dd-bb29-000c6e274733)

Lighttpd security announcement: lighttpd 1.4.19, and possibly other versions before 1.5.0, does not decode the URL before matching against rewrite and redirect patterns, which allows attackers to bypass rewrite rules. This can be a security problem in certain configurations if these rules are us...

CVSS 7.5, AI score 7.3, EPSS 0.04345
Exploits 2, References 7
Gentoo Linux
added 2008/04/10 12:0 a.m., 31 views

lighttpd: Multiple vulnerabilities

Background: lighttpd is a lightweight high-performance web server. Description: Julien Cayzax discovered that an insecure default setting exists in mod_userdir in lighttpd. When userdir.path is not set the default value used is $HOME. It should be noted that the "nobody" user's $HOME is "/"...

CVSS 5, AI score 6.5, EPSS 0.119
Exploits 2
Cvelist
added 2008/03/10 9:0 p.m., 24 views

CVE-2008-1270

mod_userdir in lighttpd 1.4.18 and earlier, when userdir.path is not set, uses a default of $HOME, which might allow remote attackers to read arbitrary files, as demonstrated by accessing the nobody directory...

AI score 6.3, EPSS 0.119
Exploits 1, References 17
OpenVAS
added 2005/11/03 12:0 a.m., 351 views

Apache UserDir Sensitive Information Disclosure

An information leak occurs on Apache based web servers whenever the UserDir module is enabled. The vulnerability allows an external attacker to enumerate existing accounts by requesting access to their home directory and monitoring the response. OpenVAS Vulnerability Test $Id: apacheusername.nasl...

CVSS 5, AI score 0.1, EPSS 0.65563
Exploits 3
OpenVAS
added 2005/11/03 12:0 a.m., 42 views

Apache HTTP Server UserDir Sensitive Information Disclosure

An information leak occurs on Apache HTTP Server based web servers whenever the UserDir module is enabled. The vulnerability allows an external attacker to enumerate existing accounts by requesting access to their home directory and monitoring the response. SPDX-FileCopyrightText: 2001 SecuriTeam...

CVSS 5, AI score 9.2, EPSS 0.65563
Exploits 3, References 2
CVE
added 2002/02/02 5:0 a.m., 165 views

CVE-2001-1013

Apache on Red Hat Linux with the UserDir directive enabled is affected by CVE-2001-1013. The vulnerability arises because the web server generates different error codes depending on whether a username exists and a public_html directory is present, versus when the username does not exist. This beh...

CVSS 5, AI score 9.3, EPSS 0.65563
Exploits 3, References 6, Affected Software 1
Packet Storm
added 2001/12/26 12:0 a.m., 32 views

twlc-adv-plesk211201.txt

twlc security division 21/12/2001 plesk psa allows reading of .php files Found by: supergate ./twlc Summary: Plesk is a server administrator used by LOTS of web hosting companies to make easy the management of the server. It's a really cool software!! I work with it. This bug allows you to read the...

AI score 7.4
Exploits 0
Tenable Nessus
added 2001/09/18 12:0 a.m., 271 views

Apache UserDir Directive Username Enumeration

When configured with the 'UserDir' option, requests to URLs containing a tilde followed by a username will redirect the user to a given subdirectory in the user home. For instance, by default, requesting /~root/ displays the HTML contents from /root/public_html/. If the username requested does not...

CVSS 5, AI score 8.2, EPSS 0.65563
Exploits 3, References 1
NVD
added 2001/09/12 4:0 a.m., 20 views

CVE-2001-1013

Apache on Red Hat Linux with the UserDir directive enabled generates different error codes when a username exists and there is no public_html directory and when the username does not exist, which could allow remote attackers to determine valid usernames on the server...

CVSS 5, AI score 6.4, EPSS 0.65563
Exploits 3, References 6
Tenable Nessus
added 2000/08/01 12:0 a.m., 64 views

Multiple Web Server ~nobody/ Request Arbitrary File Access

It is possible to access arbitrary files on the remote web server by appending ~nobody/ in front of their name as in ~nobody/etc/passwd. This problem is due to a misconfiguration in the web server that sets 'UserDir' or its equivalent to './'. (C) Tenable Network Security, Inc. include("compat.inc");...

AI score 5.8
Exploits 0