- Home
- CVEs with nessus.description==Several vulnerabilities have been discovered in thttpd, a tiny HTTP
server.
The Common Vulnerabilities and Exposures project identifies the
following vulnerabilities :
- CAN-2002-1562: Information leak
Marcus Breiing discovered that if thttpd it is used for
virtual hosting, and an attacker supplies a specially
crafted 'Host:' header with a pathname instead of a
hostname, thttpd will reveal information about the host
system. Hence, an attacker can browse the entire disk.
- CAN-2003-0899: Arbitrary code execution
Joel Soderberg and Christer Oberg discovered a remote
overflow which allows an attacker to partially overwrite
the EBP register and hence execute arbitrary code.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top