CVE-2000-0920

Boa Web Server prior to 0.94.8.3 is affected by a directory traversal vulnerability (CVE-2000-0920) that lets remote attackers read arbitrary files by using a modified .. path with encoded dot characters (%2E) in GET requests. Root cause: improper handling of path traversal in Boa’s file access. ...

CVE-2007-4915

The CVE-2007-4915 issue affects Boa 0.93.x to 0.94.11 with Intersil isl3893 extensions, where stack writes can overwrite memory locations used for string constants. This allows a remote attacker to change the admin password stored in memory through a long username in an HTTP Basic Authentication ...