5
CVE-2001-0892
- EPSS 1.86%
- Veröffentlicht 13.11.2001 05:00:00
- Zuletzt bearbeitet 16.06.2026 21:55:10
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 1.86% | 0.765 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
CWE-668 Exposure of Resource to Wrong Sphere
The product exposes a resource to the wrong control sphere, providing unintended actors with inappropriate access to the resource.
http://marc.info/?l=bugtraq&m=100568999726036&w=2
http://www.acme.com/software/thttpd/