CVE-2010-2320

{"id": "CVE-2010-2320", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 5.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "authentication": "NONE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 2.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 10.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2010-08-02T20:40:01.060", "references": [{"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=590298", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "http://secunia.com/advisories/40737", "tags": ["Vendor Advisory"], "source": "cve@mitre.org"}, {"url": "http://security-tracker.debian.org/tracker/CVE-2010-2320", "source": "cve@mitre.org"}, {"url": "http://www.eterna.com.au/bozohttpd/CHANGES", "source": "cve@mitre.org"}, {"url": "https://bugs.launchpad.net/ubuntu/+source/bozohttpd/+bug/582473", "tags": ["Exploit"], "source": "cve@mitre.org"}, {"url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/60812", "source": "cve@mitre.org"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-264"}]}], "descriptions": [{"lang": "en", "value": "bozotic HTTP server (aka bozohttpd) before 20100621 allows remote attackers to list the contents of home directories, and determine the existence of user accounts, via multiple requests for URIs beginning with /~ sequences."}, {"lang": "es", "value": "bozotic HTTP server (tambi\u00e9n conocido como bozohttpd), en versiones anteriores a la 20100621, permite a atacantes remotos listar el contenido de los directorios home y conocer las cuentas de usuario mediante m\u00faltiples peticiones a URIs que empiezan con secuencias /~."}], "lastModified": "2017-08-17T01:32:41.557", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:eterna:bozohttpd:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D910A925-6561-46D1-AF53-97B9E10909DA", "versionEndIncluding": "20100617"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:19990519:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A5BA38EE-559D-4341-8291-788C74EE4346"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20000421:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "930F7A3F-A7C8-4603-A4E5-9AB3C27F7355"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20000426:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "F0A6287D-F9C0-4934-84CA-22572806AE26"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20000427:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "0A9C2032-F26A-4D5B-A631-4EA68ABD4FE1"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20000815:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "860DBF31-9655-417A-B2C7-5F389B675FB6"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20000825:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E72B5243-904B-4E12-BD28-DDF03EEF6B45"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20010610:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7FC42DDE-41C9-4DAA-8EB5-CC5D5FFDCCC9"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20010812:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "17457601-F61A-444D-8E33-0FE0ED723F61"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20010922:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "20EAEC35-E205-4717-826D-F4D1FCA6DC6C"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20020710:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EA4A13CA-DCB0-4C1F-A3DA-27A36BC116B8"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20020730:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "3D86758B-C34A-4689-9B3A-9CF614D2E4F9"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20020803:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "732DBCCD-B38A-47B7-BD4B-4EE4CF370AF2"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20020804:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "9FB916FC-4FB9-48EF-8D46-26C29D35DCD0"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20020823:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EAB26F26-3B1E-44BB-A8D1-FB823C2759B7"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20020913:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "5D2148E4-FB12-4613-8F55-1AB364363BFB"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20021106:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C8EFEEB4-07C3-459F-A807-12A21AFD94F9"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20030313:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "30FA69A8-657F-44A0-999D-89EA7E24072E"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20030409:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "B41528DD-A3C0-40D9-9DCC-4C7962337BAA"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20030626:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "274EC529-8C50-44C3-96AE-9C636C9183B5"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20031005:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "38A29464-13AF-474E-B0F6-BF65F44B3EE6"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20040218:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "579B9F00-9093-4D4B-9F19-0FBDA141FD31"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20040808:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "AB017665-6823-407E-AFF3-5A8C1848B3E6"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20050410:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "13BE5871-6AB5-4A4B-BD7B-59D7D6161867"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20060517:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7E00FD78-FCBF-4D10-AC00-73B6838758B0"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20060710:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "162B8DC7-76B5-45E3-8DF3-62C32AB0FB2B"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20080303:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C7BAA49A-41BA-436B-902C-FCDE8C156C2E"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20090417:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A8280988-55E3-4A94-93E3-1064A8B54C8E"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20090522:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A1668326-2B90-4D98-859C-CFDFD7811E13"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20100509:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "620F61ED-B77F-48B7-93EA-7089A9C0BBE9"}, {"criteria": "cpe:2.3:a:eterna:bozohttpd:20100512:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "C4F081AF-5022-44B4-BBB7-108374DDFADB"}], "operator": "OR"}]}], "sourceIdentifier": "cve@mitre.org"}