Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-1496

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2001-1496
Last Modified 05 Sep 2008 04:26:42
Published 31 Dec 2001 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-1496

Summary

Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.

Vulnerable Systems

Application

  • Acme Labs Thttpd 1.95

  • Acme Labs Thttpd 2.0

  • Acme Labs Thttpd 2.0.1

  • Acme Labs Thttpd 2.0.2

  • Acme Labs Thttpd 2.0.3

  • Acme Labs Thttpd 2.0.4

  • Acme Labs Thttpd 2.0.5

  • Acme Labs Thttpd 2.0.6

  • Acme Labs Thttpd 2.0.7

  • Acme Labs Thttpd 2.0.8

  • Acme Labs Thttpd 2.0.9

  • Acme Labs Thttpd 2.10

  • Acme Labs Thttpd 2.11

  • Acme Labs Thttpd 2.12

  • Acme Labs Thttpd 2.13

  • Acme Labs Thttpd 2.14

  • Acme Labs Thttpd 2.15

  • Acme Labs Thttpd 2.16

  • Acme Labs Thttpd 2.17

  • Acme Labs Thttpd 2.18

  • Acme Labs Thttpd 2.19

  • Acme Labs Thttpd 2.20

  • Acme Labs Thttpd 2.20b


References

XF - thttpd-basic-authentication-bo(7595)

BID - 3562

BUGTRAQ - 20011123 Re: Off-by-one vulnerability in thttpd!!!

BUGTRAQ - 20011120 Off-by-one vulnerability in thttpd!!!


Last Updated: 27 May 2016 10:36:42