RSS   Podatności dla 'Miniweb http server'   RSS

2008-01-17
 
CVE-2008-0338

 

 
Directory traversal vulnerability in the mwGetLocalFileName function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to read arbitrary files and list arbitrary directories via a (1) .%2e (partially encoded dot dot) or (2) %2e%2e (encoded dot dot) in the URI.

 
 
CVE-2008-0337

 

 
Heap-based buffer overflow in the _mwProcessReadSocket function in http.c in MiniWeb HTTP Server 0.8.19 allows remote attackers to execute arbitrary code via a long URI.

 
2007-06-11
 
CVE-2007-3159

 

 
http.c in MiniWeb Http Server 0.8.x allows remote attackers to cause a denial of service (application crash) via a negative value in the Content-Length HTTP header.

 


Copyright 2024, cxsecurity.com

 

Back to Top