MidnightBSD

Advisories for webfs

CVE-2003-0445 HIGH

Buffer overflow in webfs before 1.17.1 allows remote attackers to execute arbitrary code via an HTTP request with a long Request-URI.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webfs webfs *
CVE-2003-0832 MEDIUM

Directory traversal vulnerability in webfs before 1.20 allows remote attackers to read arbitrary files via .. (dot dot) sequences in a Hostname header.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webfs webfs 1.20
webfs webfs 1.18
webfs webfs 1.19
webfs webfs 1.17
CVE-2003-0833 HIGH

Stack-based buffer overflow in webfs before 1.20 allows attackers to execute arbitrary code by creating directories that result in a long pathname.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
webfs webfs 1.20
webfs webfs 1.18
webfs webfs 1.19
webfs webfs 1.17
CVE-2013-0347 HIGH

The Gentoo init script for webfs uses world-readable permissions for /var/log/webfsd.log, which allows local users to have unspecified impact by reading the file.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-200,

Products Affected

Vendor Product Version
webfs webfs -