what you don't know can hurt you

Register | Login

Home Files News &[SERVICES_TAB]About Contact Add New

FreeBSD Security Advisory 2000.73

FreeBSD Security Advisory 2000.73: Posted Nov 26, 2000; Authored by The FreeBSD Project | Site freebsd.org; FreeBSD Security Advisory FreeBSD-SA-00:73 - The thttpd port, versions prior to 2.20, allows remote viewing of arbitrary files on the local server. The 'ssi' cgi script does not correctly restrict URL-encoded requests containing ".." in the path. In addition, the cgi script does not have the same restrictions as the web server for preventing requests outside of the web root. These two flaws allow remote users to access any file on the system accessible to the web server user (user 'nobody' in the default configuration).; tags | remote, web, arbitrary, local, cgi, root; systems | freebsd; SHA-256 | 1210c9a3793c9fb08ef4e606ba72b7bca4134f0c2984df6629ecd32948baebf5; Download | Favorite | View

FreeBSD Security Advisory 2000.73

Change Mirror Download

Top Authors In Last 30 Days

Red Hat 223 files
Ubuntu 61 files
Debian 20 files
LiquidWorm 20 files
Apple 9 files
indoushka 5 files
Gentoo 5 files
Google Security Research 4 files
Alter Prime 3 files
Chokri Hammedi 3 files

File Tags

File Archives

Systems

AIX (430)
Apple (2,126)
BSD (378)
CentOS (61)
Cisco (1,954)
Debian (7,160)
Fedora (1,693)
FreeBSD (1,247)
Gentoo (4,604)
HPUX (881)
iOS (393)
iPhone (108)
IRIX (220)
Juniper (71)
Linux (51,842)
Mac OS X (696)
Mandriva (3,105)
NetBSD (256)
OpenBSD (490)
RedHat (17,249)
Slackware (941)
Solaris (1,615)
SUSE (1,444)
Ubuntu (9,975)
UNIX (9,474)
UnixWare (188)
Windows (6,784)
Other

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links: News by Month; News Tags; Files by Month; File Tags; File Directory

About Us: History & Purpose; Contact Information; Terms of Service; Privacy Statement; Copyright Information

Services: Security Services
Hosting By: Rokasec