thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
History
13 Feb 2023, 04:41
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2013-12-13 18:07
Updated : 2023-12-10 11:16
NVD link : CVE-2013-0348
Mitre link : CVE-2013-0348
CVE.ORG link : CVE-2013-0348
JSON object : View
Products Affected
fedoraproject
- fedora
opensuse
- opensuse
gentoo
- linux
acme
- thttpd
open_source_development_team
- sthttpd
CWE
CWE-264
Permissions, Privileges, and Access Controls