CVE-2005-2008

Published: Jun 17, 2005Modified: Apr 16, 2026

5.0

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Exploitability: 10.0 / Impact: 2.9

Source: NVD

Description

Yaws Webserver 1.55 and earlier allows remote attackers to obtain the source code for yaws scripts via a request to a yaw script with a trailing %00 (null).

Affected (6)

Products: Yaws: Webserver

1 product

Configuration A

6 vulnerable

Vulnerable Software	Affected Versions
Yaws Webserver	Version 1.50
Yaws Webserver	Version 1.51
Yaws Webserver	Version 1.52
Yaws Webserver	Version 1.53
Yaws Webserver	Version 1.54
Yaws Webserver	Version 1.55

References (8)

http://marc.info/?l=bugtraq&m=111927717726371&w=2

Source: cve@mitre.org

http://secunia.com/advisories/15740

Source: cve@mitre.org

PatchVendor Advisory

http://www.osvdb.org/17375

Source: cve@mitre.org

Vendor Advisory

http://yaws.hyber.org/yaws-1.55_to_1.56.patch

Source: cve@mitre.org

PatchVendor Advisory

http://marc.info/?l=bugtraq&m=111927717726371&w=2

Source: af854a3a-2127-422b-91ae-364da2661108

http://secunia.com/advisories/15740

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

http://www.osvdb.org/17375

Source: af854a3a-2127-422b-91ae-364da2661108

Vendor Advisory

http://yaws.hyber.org/yaws-1.55_to_1.56.patch

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.