Vulnerability Details CVE-2001-1496
Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.191
EPSS Ranking 95.0%
CVSS Severity
CVSS v3 Score 9.8
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/archive/1/241310
- http://www.securityfocus.com/archive/1/241953
- http://www.securityfocus.com/bid/3562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7595
- http://www.securityfocus.com/archive/1/241310
- http://www.securityfocus.com/archive/1/241953
- http://www.securityfocus.com/bid/3562
- https://exchange.xforce.ibmcloud.com/vulnerabilities/7595
Products affected by CVE-2001-1496
-
cpe:2.3:a:acme:thttpd:1.95
-
cpe:2.3:a:acme:thttpd:2.00
-
cpe:2.3:a:acme:thttpd:2.01
-
cpe:2.3:a:acme:thttpd:2.02
-
cpe:2.3:a:acme:thttpd:2.03
-
cpe:2.3:a:acme:thttpd:2.04
-
cpe:2.3:a:acme:thttpd:2.05
-
cpe:2.3:a:acme:thttpd:2.06
-
cpe:2.3:a:acme:thttpd:2.07
-
cpe:2.3:a:acme:thttpd:2.08
-
cpe:2.3:a:acme:thttpd:2.09
-
cpe:2.3:a:acme:thttpd:2.10
-
cpe:2.3:a:acme:thttpd:2.11
-
cpe:2.3:a:acme:thttpd:2.12
-
cpe:2.3:a:acme:thttpd:2.13
-
cpe:2.3:a:acme:thttpd:2.14
-
cpe:2.3:a:acme:thttpd:2.15
-
cpe:2.3:a:acme:thttpd:2.16
-
cpe:2.3:a:acme:thttpd:2.17
-
cpe:2.3:a:acme:thttpd:2.18
-
cpe:2.3:a:acme:thttpd:2.19
-
cpe:2.3:a:acme:thttpd:2.20