• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

thttpd Basic Authentication Buffer Overflow Vulnerability

Bugtraq ID:	3562
Class:	Boundary Condition Error
CVE:
Remote:	Yes
Local:	No
Published:	Nov 20 2001 12:00AM
Updated:	Nov 20 2001 12:00AM
Credit:	Discovered by GOBBLES <GOBBLES@hushmail.com> and posted to the BugTraq mailling list on November 20, 2001.
Vulnerable:	Acme thttpd 2.20 b + S.u.S.E. Linux 7.3 Acme thttpd 2.20 Acme thttpd 2.19 Acme thttpd 2.18 Acme thttpd 2.17 Acme thttpd 2.16 Acme thttpd 2.15 - S.u.S.E. Linux 6.4 Acme thttpd 2.14 Acme thttpd 2.13 Acme thttpd 2.12 Acme thttpd 2.11 Acme thttpd 2.10 Acme thttpd 2.0.9 Acme thttpd 2.0.8 Acme thttpd 2.0.7 Acme thttpd 2.0.6 Acme thttpd 2.0.5 + FREESCO FREESCO 0.3.2 + FREESCO FREESCO 0.3.1 + FREESCO FREESCO 0.3 .0 + FREESCO FREESCO 0.2.7 Acme thttpd 2.0.4 - S.u.S.E. Linux 6.3 - S.u.S.E. Linux 6.2 Acme thttpd 2.0.3 Acme thttpd 2.0.2 Acme thttpd 2.0.1 Acme thttpd 2.0 Acme thttpd 1.95
Not Vulnerable:	Acme thttpd 2.22 Acme thttpd 2.21 Acme thttpd 2.20 c + Conectiva Linux 9.0 + S.u.S.E. Linux 8.0