Acme Thttpd
By the Year
In 2024 there have been 0 vulnerabilities in Acme Thttpd . Thttpd did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Thttpd vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Acme Thttpd Security Vulnerabilities
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which
CVE-2013-0348
- December 13, 2013
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Permissions, Privileges, and Access Controls
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might
CVE-2009-4491
- January 13, 2010
thttpd 2.25b0 writes data to a log file without sanitizing non-printable characters, which might allow remote attackers to modify a window's title, or possibly execute arbitrary commands or overwrite files, via an HTTP request containing an escape sequence for a terminal emulator.
Improper Input Validation
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests
CVE-2003-0899
9.8 - Critical
- November 03, 2003
Buffer overflow in defang in libhttpd.c for thttpd 2.21 to 2.23b1 allows remote attackers to execute arbitrary code via requests that contain '<' or '>' characters, which trigger the overflow when the characters are expanded to "<" and ">" sequences.
Incorrect Calculation of Buffer Size
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20
CVE-2001-1496
9.8 - Critical
- December 31, 2001
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
off-by-five
Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled
CVE-2001-0892
- November 13, 2001
Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.
Exposure of Resource to Wrong Sphere
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Acme Thttpd or by Acme? Click the Watch button to subscribe.
