← Back

CVE-2010-2320

nvd nist
Published: Aug 2, 2010Modified: Apr 29, 2026

JSON object

Loading...
5.0
Vector
AV:N/AC:L/Au:N/C:P/I:N/A:N
Exploitability: 10.0 / Impact: 2.9
Source: NVD

Description

bozotic HTTP server (aka bozohttpd) before 20100621 allows remote attackers to list the contents of home directories, and determine the existence of user accounts, via multiple requests for URIs beginning with /~ sequences.

Affected (31)

Products: Eterna: Bozohttpd
Eterna
1 product
Bozohttpd
Configuration A
31 vulnerable
Vulnerable SoftwareAffected Versions
Eterna
Bozohttpd
Up to 20100617
Bozohttpd
Version 19990519
Bozohttpd
Version 20000421
Bozohttpd
Version 20000426
Bozohttpd
Version 20000427
Bozohttpd
Version 20000815
Bozohttpd
Version 20000825
Bozohttpd
Version 20010610
Bozohttpd
Version 20010812
Bozohttpd
Version 20010922
Bozohttpd
Version 20020710
Bozohttpd
Version 20020730
Bozohttpd
Version 20020803
Bozohttpd
Version 20020804
Bozohttpd
Version 20020823
Bozohttpd
Version 20020913
Bozohttpd
Version 20021106
Bozohttpd
Version 20030313
Bozohttpd
Version 20030409
Bozohttpd
Version 20030626
Bozohttpd
Version 20031005
Bozohttpd
Version 20040218
Bozohttpd
Version 20040808
Bozohttpd
Version 20050410
Bozohttpd
Version 20060517
Bozohttpd
Version 20060710
Bozohttpd
Version 20080303
Bozohttpd
Version 20090417
Bozohttpd
Version 20090522
Bozohttpd
Version 20100509
Bozohttpd
Version 20100512

Related CWEs

CWE-264
CWE-264

References (12)

Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Vendor Advisory
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Exploit
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Exploit
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.