Описание
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| thttpd | removed | package | ||
| thttpd | no-dsa | squeeze | package |
Примечания
http://blogs.gentoo.org/blueness/2014/10/03/sthttpd-a-very-tiny-and-very-fast-http-server-with-a-mature-codebase/
EPSS
Процентиль: 11%
0.00037
Низкий
Связанные уязвимости
nvd
около 12 лет назад
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
github
почти 4 года назад
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
EPSS
Процентиль: 11%
0.00037
Низкий