CVE-2002-1562

NameCVE-2002-1562
DescriptionDirectory traversal vulnerability in thttpd, when using virtual hosting, allows remote attackers to read arbitrary files via .. (dot dot) sequences in the Host: header.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, bugtraq, EDB, Metasploit, Red Hat, Ubuntu, Gentoo, SuSE, Mageia, GitHub code/issues, web search, more)
ReferencesDSA-396
NVD severitymedium (attack range: remote)
Debian Bugs216677

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
thttpdsource(unstable)2.23beta1-2.3medium216677
thttpdsourcewoody2.21b-11.2mediumDSA-396

Search for package or bug name: Reporting problems