CVE Tools

acme labs

Networking Infrastructurecommercial

13

Cumulative CVEs

9

Monthly snapshots

#24

Peak rank

Top products

Latest CVEs

The 13 most recently published vulnerabilities affecting acme labs.

CVE-2007-0664thttpd before 2.25b-r6 in Gentoo Linux is started from the system root directory (/) by the Gentoo baselayout 1.12.6 package, which allows remote attackers to read arbitrary files.5.0Feb 2, 2007
CVE-2006-4248thttpd on Debian GNU/Linux, and possibly other distributions, allows local users to create or touch arbitrary files via a symlink attack on the start_thttpd temporary file.7.2Oct 31, 2006
CVE-2006-1079htpasswd, as used in Acme thttpd 2.25b and possibly other products such as Apache, might allow local users to gain privileges via shell metacharacters in a command line argument, which is used in a...7.2Mar 9, 2006
CVE-2006-1078Multiple buffer overflows in htpasswd, as used in Acme thttpd 2.25b, and possibly other products such as Apache, might allow local users to gain privileges via (1) a long command line argument and ...8.4Mar 9, 2006
CVE-2005-4162Cross-site scripting (XSS) vulnerability in cal_make.pl in ACME PerlCal 2.99.20 allows remote attackers to inject arbitrary web script or HTML via the p0 parameter.4.3Dec 11, 2005
CVE-2004-2628Multiple directory traversal vulnerabilities in thttpd 2.07 beta 0.4, when running on Windows, allow remote attackers to read arbitrary files via a URL that contains (1) a hex-encoded backslash dot...5.0Dec 4, 2005
CVE-2005-3124syslogtocern in Acme thttpd before 2.23 allows local users to write arbitrary files via a symlink attack on a temporary file.2.1Nov 6, 2005
CVE-2002-1562Directory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header.5.0Apr 26, 2003
CVE-2002-0733Cross-site scripting vulnerability in thttpd 2.20 and earlier allows remote attackers to execute arbitrary script via a URL to a nonexistent page, which causes thttpd to insert the script into a 40...7.5Apr 2, 2003
CVE-2001-0748Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.5.0Apr 2, 2003
CVE-2001-0463Directory traversal vulnerability in cal_make.pl in PerlCal allows remote attackers to read arbitrary files via a .. (dot dot) in the p0 parameter.5.0Mar 9, 2002
CVE-2000-0900Directory traversal vulnerability in ssi CGI program in thttpd 2.19 and earlier allows remote attackers to read arbitrary files via a "%2e%2e" string, a variation of the .. (dot dot) attack.7.5Jan 22, 2001
CVE-2000-0359Buffer overflow in Trivial HTTP (THTTPd) allows remote attackers to cause a denial of service or execute arbitrary commands via a long If-Modified-Since header.10.0Jul 12, 2000