Skip to main content

Bozohttpd

1 CVEs product

Monthly

CVE-2014-5015 MEDIUM PATCH This Month

bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Bozohttpd Netbsd
NVD
CVSS 2.0
5.0
EPSS
0.6%
EPSS 1% CVSS 5.0
MEDIUM PATCH This Month

bozotic HTTP server (aka bozohttpd) before 20140708, as used in NetBSD, truncates paths when checking .htpasswd restrictions, which allows remote attackers to bypass the HTTP authentication scheme. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity.

Privilege Escalation Bozohttpd Netbsd
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy