Acme 'thttpd' and 'mini_httpd' are prone to a command-injection vulnerability because they fail to adequately sanitize user-supplied input in logfiles. Attackers can exploit this issue to execute arbitrary commands in a terminal. This issue affects thttpd 2.25b and mini_httpd 1.19 other versions may also be affected.
- Apache Tomcat 'Transfer-Encoding' Information Disclosure and Denial Of Service Vulnerabilities
- AOLServer Terminal Escape Sequence in Logs Command Injection Vulnerability
- bozohttpd Security Bypass Vulnerability
- LiteSpeed Web Server Source Code Information Disclosure Vulnerability
- CUPS Information Disclosure Vulnerability