Off-by-one buffer overflow in Basic Authentication in Acme Labs thttpd 1.95 through 2.20 allows remote attackers to cause a denial of service and possibly execute arbitrary code.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Thttpd | Acme_labs | 1.95 | 1.95 |
| Thttpd | Acme_labs | 2.0 | 2.0 |
| Thttpd | Acme_labs | 2.0.1 | 2.0.1 |
| Thttpd | Acme_labs | 2.0.2 | 2.0.2 |
| Thttpd | Acme_labs | 2.0.3 | 2.0.3 |
| Thttpd | Acme_labs | 2.0.4 | 2.0.4 |
| Thttpd | Acme_labs | 2.0.5 | 2.0.5 |
| Thttpd | Acme_labs | 2.0.6 | 2.0.6 |
| Thttpd | Acme_labs | 2.0.7 | 2.0.7 |
| Thttpd | Acme_labs | 2.0.8 | 2.0.8 |
| Thttpd | Acme_labs | 2.0.9 | 2.0.9 |
| Thttpd | Acme_labs | 2.10 | 2.10 |
| Thttpd | Acme_labs | 2.11 | 2.11 |
| Thttpd | Acme_labs | 2.12 | 2.12 |
| Thttpd | Acme_labs | 2.13 | 2.13 |
| Thttpd | Acme_labs | 2.14 | 2.14 |
| Thttpd | Acme_labs | 2.15 | 2.15 |
| Thttpd | Acme_labs | 2.16 | 2.16 |
| Thttpd | Acme_labs | 2.17 | 2.17 |
| Thttpd | Acme_labs | 2.18 | 2.18 |
| Thttpd | Acme_labs | 2.19 | 2.19 |
| Thttpd | Acme_labs | 2.20 | 2.20 |
| Thttpd | Acme_labs | 2.20b | 2.20b |