CVE Vulnerabilities

CVE-2013-0348

Published: Dec 13, 2013 | Modified: Feb 13, 2023
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
2.1 LOW
AV:L/AC:L/Au:N/C:P/I:N/A:N
RedHat/V2
RedHat/V3
Ubuntu

thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.

Affected Software

Name Vendor Start Version End Version
Sthttpd Open_source_development_team 2.26.3 2.26.3
Sthttpd Open_source_development_team 2.26 2.26
Sthttpd Open_source_development_team 2.26.1 2.26.1
Sthttpd Open_source_development_team 2.26.2 2.26.2
Sthttpd Open_source_development_team * 2.26.4

References