CVE-2008-0408
N/A
N/A
Summary
HTTP File Server (HFS) before 2.2c allows remote attackers to append arbitrary text to the log file by using the base64 representation of this text during HTTP Basic Authentication.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39876
- http://www.securityfocus.com/archive/1/486874/100/0/threaded
- http://www.rejetto.com/hfs/?f=wn
- http://www.securityfocus.com/bid/27423
- http://www.syhunt.com/advisories/hfs-1-username.txt
- http://www.syhunt.com/advisories/hfshack.txt
- http://secunia.com/advisories/28631
- http://securityreason.com/securityalert/3582
References
- https://exchange.xforce.ibmcloud.com/vulnerabilities/39876
- http://www.securityfocus.com/archive/1/486874/100/0/threaded
- http://www.rejetto.com/hfs/?f=wn
- http://www.securityfocus.com/bid/27423
- http://www.syhunt.com/advisories/hfs-1-username.txt
- http://www.syhunt.com/advisories/hfshack.txt
- http://secunia.com/advisories/28631
- http://securityreason.com/securityalert/3582
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.