thttpd Double Slash Request Arbitrary File Access

medium Nessus Plugin ID 10286

Synopsis

It is possible to use the remote web server to read arbitrary files on the remote system.

Description

The remote HTTP server allows an attacker to read arbitrary files on the remote host with the privileges of the web server, simply by prefixing the requested file's path with an extra slash.

For instance, 'GET //etc/passwd' will return the contents of the remote file '/etc/passwd'.
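The following is an added illustration, not code from thttpd or from the Nessus plugin: a naive request-path mapping that strips only one leading slash (a plausible reconstruction of the bug class, assumed here) next to a hardened mapping that treats every request target as relative to an assumed document root and verifies the result stays inside it.

```python
import posixpath
from urllib.parse import unquote

DOCROOT = "/var/www/htdocs"  # assumed document root for this example (no trailing slash)


def naive_resolve(request_target: str, docroot: str = DOCROOT) -> str:
    """Buggy pattern (assumed, for illustration): drop ONE leading slash and join.

    '//etc/passwd' becomes '/etc/passwd', which is still absolute, so the
    join discards docroot entirely and the server opens the real /etc/passwd.
    """
    rel = request_target[1:] if request_target.startswith("/") else request_target
    return posixpath.join(docroot, rel)


def resolve_request_path(request_target: str, docroot: str = DOCROOT):
    """Hardened mapping: returns a path under docroot, or None to reject the request."""
    # Drop query string and fragment, then percent-decode once.
    path = unquote(request_target.split("?", 1)[0].split("#", 1)[0])
    # Strip ALL leading slashes so the remainder can never be an absolute path.
    rel = path.lstrip("/")
    # Collapse '.' and '..' segments; an empty target means the docroot itself.
    norm = posixpath.normpath(rel) if rel else "."
    if norm == ".." or norm.startswith("../"):
        return None  # would climb above docroot
    full = posixpath.normpath(posixpath.join(docroot, norm))
    # Final containment check independent of the normalisation above.
    if full != docroot and not full.startswith(docroot + "/"):
        return None
    return full
```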

Solution

Upgrade your web server or change it.

Plugin Details

Severity: Medium

ID: 10286

File Name: thttpd_bug.nasl

Version: 1.36

Type: remote

Family: Web Servers

Published: 6/22/1999

Updated: 8/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Reference Information

CVE: CVE-1999-1456