CVE-2010-2320
N/A
N/A
Summary
bozotic HTTP server (aka bozohttpd) before 20100621 allows remote attackers to list the contents of home directories, and determine the existence of user accounts, via multiple requests for URIs beginning with /~ sequences.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | n/a | n/a | affected |
Weaknesses
- n/a
ADP Enrichment
CVE Program Container
Additional References
- http://www.eterna.com.au/bozohttpd/CHANGES
- http://secunia.com/advisories/40737
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60812
- http://security-tracker.debian.org/tracker/CVE-2010-2320
- https://bugs.launchpad.net/ubuntu/+source/bozohttpd/+bug/582473
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590298
References
- http://www.eterna.com.au/bozohttpd/CHANGES
- http://secunia.com/advisories/40737
- https://exchange.xforce.ibmcloud.com/vulnerabilities/60812
- http://security-tracker.debian.org/tracker/CVE-2010-2320
- https://bugs.launchpad.net/ubuntu/+source/bozohttpd/+bug/582473
- http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590298
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.