CVE-2007-6404

Published: Dec 17, 2007

Modified: Aug 7, 2024

PUBLISHED

Description

Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20071207 Two vulnerabilities in Simple HTTPD 1.38

mailing-list

x_refsource_BUGTRAQ

3457

third-party-advisory

x_refsource_SREASON

44013

vdb-entry

x_refsource_OSVDB

4700

exploit

x_refsource_EXPLOIT-DB

26768

vdb-entry

x_refsource_BID

[shttpd-general] 20071203 Security bugs in SHTTPD

mailing-list

x_refsource_MLIST

http://aluigi.altervista.org/adv/shttpd-adv.txt

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2007-6404

Description

Affected Products

References