Webfs: Security Vulnerabilities
The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file.
CVSS Score
7.2
EPSS Score
0.001
Published
2014-11-16
Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.
CVSS Score
5.0
EPSS Score
0.008
Published
2003-11-17
Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.
CVSS Score
7.5
EPSS Score
0.05
Published
2003-11-17
Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.
CVSS Score
7.5
EPSS Score
0.023
Published
2003-07-24