thttpd Host Header Traversal Arbitrary File Access

Medium Nessus Plugin ID 11576


It may be possible to read arbitrary files from the remote system.


The remote HTTP server allows anyone to browse the files on the remote host by sending HTTP requests with the Host: header field set to '../../'.


Upgrade to thttpd 2.23 or newer.

Plugin Details

Severity: Medium

ID: 11576

File Name: thttpd_virtualhost_escape.nasl

Version: $Revision: 1.17 $

Type: remote

Family: Web Servers

Published: 2003/05/06

Modified: 2016/11/23

Dependencies: 10107

Risk Information

Risk Factor: Medium


Base Score: 5

Temporal Score: 4.3

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2002/10/31

Reference Information

CVE: CVE-2002-1562, CVE-2003-0899

BID: 8924, 8906

OSVDB: 2729, 7359

SuSE: SUSE-SA:2003:044

CWE: 119