Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-0733

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-0733
Last Modified 05 Sep 2008 04:28:48
Published 12 Aug 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-0733

Summary

Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 404 error message.

Vulnerable Systems

Application

  • Acme Labs Thttpd 2.20b


References

BID - 4601

XF - thttpd-error-page-css(9029)

MISC - http://www.ifrance.com/kitetoua/tuto/5holes1.txt

CONFIRM - http://www.acme.com/software/thttpd/#releasenotes

VULNWATCH - 20020417 Smalls holes on 5 products #1

OSVDB - 5125


Last Updated: 27 May 2016 10:37:03