Thttpd@* Security Vulnerabilities and Issues — Thttpd@* CVE List

Lucene search

AcmeThttpd*

4 matches found

CVE•added 2018/02/06 5:29 p.m.•439 views

CVE-2017-17663

The htpasswd implementation of mini_httpd before v1.28 and of thttpd before v2.28 is affected by a buffer overflow that can be exploited remotely to perform code execution.

9.8CVSS9.7AI score0.00773EPSS

CVE•added 2003/11/03 5:0 a.m.•67 views

CVE-2003-0899

Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '' characters, which trigger the overflow when the characters are expanded to "" sequences.

9.8CVSS9.9AI score0.36216EPSS

CVE•added 2005/06/21 4:0 a.m.•43 views

CVE-2001-1496

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

9.8CVSS8.3AI score0.19066EPSS

CVE•added 2002/02/02 5:0 a.m.•41 views

CVE-2001-0892

Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.

5CVSS6.9AI score0.00447EPSS