CVE-1999-1456

Description

thttpd HTTP server 2.03 and earlier allows remote attackers to read arbitrary files via a GET request with more than one leading / (slash) character in the filename.

Severity

Overall Severity: N/A

CVSS Metrics

Type	Score	Severity	Vector

Affected Products

References

• http://www.acme.com/software/thttpd/thttpd.html#releasenotes
• http://www.securityfocus.com/archive/1/10368
  ExploitVendor Advisory
• https://exchange.xforce.ibmcloud.com/vulnerabilities/1809
• http://www.acme.com/software/thttpd/thttpd.html#releasenotes
• http://www.securityfocus.com/archive/1/10368
  ExploitVendor Advisory
• https://exchange.xforce.ibmcloud.com/vulnerabilities/1809