MidnightBSD

Advisories for open_source_development_team

CVE-2013-0348 LOW

thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.

CVSS 2.0

Severity: LOW

Problem Type: CWE-264,

Products Affected

Vendor Product Version
opensuse opensuse 12.2
opensuse opensuse 12.3
open_source_development_team sthttpd 2.26
open_source_development_team sthttpd 2.26.2
opensuse opensuse 13.1
gentoo linux *
open_source_development_team sthttpd 2.26.3
open_source_development_team sthttpd *
acme thttpd 2.25
fedoraproject fedora 17
fedoraproject fedora 18
open_source_development_team sthttpd 2.26.1