Bozohttpd Security Bypass Vulnerability Network Vulnerability

Summary

bozohttpd is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to restricted content. This can lead to other attacks. bozohttpd 20090522 and 20100509 are vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://www.eterna.com.au/bozohttpd/
https://bugs.launchpad.net/ubuntu/+source/bozohttpd/+bug/582473
https://www.securityfocus.com/bid/42021

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2195, CVE-2010-2320
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
GoAhead WebServer 'name' and 'address' Cross-Site Scripting Vulnerabilities
CA ARCserver D2D GWT RPC Request Multiple Vulnerabilities
Check for dangerous IIS default files
IIS Service Pack - 404

bozohttpd Security Bypass Vulnerability

Take action and discover your vulnerabilities