Gentoo Linux Acme Thttpd File Access Information Dislosure Vulnerability
BID:22349
Info
Gentoo Linux Acme Thttpd File Access Information Dislosure Vulnerability
| Bugtraq ID: | 22349 |
| Class: | Configuration Error |
| CVE: |
CVE-2007-0664 |
| Remote: | Yes |
| Local: | No |
| Published: | Jan 31 2007 12:00AM |
| Updated: | May 12 2015 07:34PM |
| Credit: | This issue was disclosed in the referenced Gentoo advisory. |
| Vulnerable: |
Gentoo Linux |
| Not Vulnerable: | |
Discussion
Gentoo Linux Acme Thttpd File Access Information Dislosure Vulnerability
Acme Thttpd distributed with Gentoo Linux is prone to a vulnerability that allows attackers to access arbitrary files. This issue is due to a configuration error.
Remote attackers may exploit this issue to access arbitrary files that are readable by the 'thttpd' process. Information disclosed may lead to other attacks.
Acme Thttpd distributed with Gentoo Linux is prone to a vulnerability that allows attackers to access arbitrary files. This issue is due to a configuration error.
Remote attackers may exploit this issue to access arbitrary files that are readable by the 'thttpd' process. Information disclosed may lead to other attacks.
Exploit / POC
Gentoo Linux Acme Thttpd File Access Information Dislosure Vulnerability
An attacker may exploit this issue using a web browser.
An attacker may exploit this issue using a web browser.
Solution / Fix
Gentoo Linux Acme Thttpd File Access Information Dislosure Vulnerability
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
Solution:
The vendor released an advisory and fixes to address this issue. Please see the references for more information.
References
Gentoo Linux Acme Thttpd File Access Information Dislosure Vulnerability
References:
References:
- Gentoo Homepage (Gentoo)
- thttpd Homepage (Acme)