5
CVE-2010-2320
- EPSS 2.39%
- Veröffentlicht 02.08.2010 20:40:01
- Zuletzt bearbeitet 16.06.2026 23:20:32
- Quelle cve@mitre.org
- CVE-Watchlists
- Unerledigt
bozotic HTTP server (aka bozohttpd) before 20100621 allows remote attackers to list the contents of home directories, and determine the existence of user accounts, via multiple requests for URIs beginning with /~ sequences.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 2.39% | 0.817 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 5 | 10 | 2.9 |
AV:N/AC:L/Au:N/C:P/I:N/A:N
|
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590298
http://www.eterna.com.au/bozohttpd/CHANGES
http://secunia.com/advisories/40737
http://security-tracker.debian.org/tracker/CVE-2010-2320
https://bugs.launchpad.net/ubuntu/+source/bozohttpd/+bug/582473
https://exchange.xforce.ibmcloud.com/vulnerabilities/60812