Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
References
Link | Resource |
---|---|
http://www.securityfocus.com/archive/1/241310 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/archive/1/241953 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/3562 | Broken Link Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/7595 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/archive/1/241310 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/archive/1/241953 | Broken Link Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/3562 | Broken Link Third Party Advisory VDB Entry |
https://exchange.xforce.ibmcloud.com/vulnerabilities/7595 | Third Party Advisory VDB Entry |
Configurations
History
20 Nov 2024, 23:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://www.securityfocus.com/archive/1/241310 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/archive/1/241953 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/3562 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/7595 - Third Party Advisory, VDB Entry |
08 Feb 2024, 02:19
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : 7.5
v3 : 9.8 |
CWE | CWE-193 | |
First Time |
Acme
Acme thttpd |
|
CPE | cpe:2.3:a:acme_labs:thttpd:2.13:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.18:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.11:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.15:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.10:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.6:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.4:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.9:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.5:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.14:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.20b:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.17:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.7:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.12:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:1.95:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.16:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.8:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.3:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.19:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.0.1:*:*:*:*:*:*:* cpe:2.3:a:acme_labs:thttpd:2.20:*:*:*:*:*:*:* |
cpe:2.3:a:acme:thttpd:*:*:*:*:*:*:*:* |
References | () http://www.securityfocus.com/archive/1/241310 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/archive/1/241953 - Broken Link, Third Party Advisory, VDB Entry | |
References | () http://www.securityfocus.com/bid/3562 - Broken Link, Third Party Advisory, VDB Entry | |
References | () https://exchange.xforce.ibmcloud.com/vulnerabilities/7595 - Third Party Advisory, VDB Entry |
Information
Published : 2001-12-31 05:00
Updated : 2024-11-20 23:37
NVD link : CVE-2001-1496
Mitre link : CVE-2001-1496
CVE.ORG link : CVE-2001-1496
JSON object : View
Products Affected
acme
- thttpd
CWE
CWE-193
Off-by-one Error