3 matches found
CVE-2014-5015
CVE-2014-5015 affects bozotic HTTP server (bozohttpd) used in NetBSD. The vulnerability arises from truncating paths when checking .htpasswd restrictions, enabling remote attackers to bypass HTTP authentication and access restricted resources via a long path. Affected software: bozohttpd prior to...
CVE-2010-2195
CVE-2010-2195 affects bozotic HTTP server (bozohttpd) versions 20090522–20100512. Multiple connected sources (OpenVAS NASLs) describe a Denial of Service vulnerability related to a “wrong code generation interaction with GCC.” The NVD entry confirms the DoS vector. Documented impact is a partial ...
CVE-2010-2320
CVE-2010-2320 affects bozotic HTTP server (bozohttpd). The OpenVAS entries describe an information disclosure vulnerability and a security bypass that lets remote attackers list home-directory contents and infer user accounts by requesting URIs beginning with /~. The NVD description confirms the ...