Описание
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| bozohttpd | removed | package |
Примечания
FIX http://cvsweb.netbsd.org/bsdweb.cgi/src/libexec/httpd/bozohttpd.c.diff?r1=1.79&r2=1.80&only_with_tag=MAIN
http://ftp.NetBSD.org/pub/NetBSD/security/advisories/NetBSD-SA2016-005.txt.asc
http://www.eterna.com.au/bozohttpd/CHANGES
http://www.eterna.com.au/bozohttpd/bozohttpd-20160415.tar.bz2
Связанные уязвимости
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.
CGI handling flaw in bozohttpd in NetBSD 6.0 through 6.0.6, 6.1 through 6.1.5, and 7.0 allows remote attackers to execute arbitrary code via crafted arguments, which are handled by a non-CGI aware program.