Bozohttpd Security Bypass Vulnerability Network Vulnerability

Summary

bozohttpd is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to restricted content. This can lead to other attacks. bozohttpd 20090522 and 20100509 are vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://www.eterna.com.au/bozohttpd/
https://bugs.launchpad.net/ubuntu/+source/bozohttpd/+bug/582473
https://www.securityfocus.com/bid/42021

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2195, CVE-2010-2320

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability
Lil' HTTP Server Cross Site Scripting Vulnerability
Lighttpd Trailing Slash Information Disclosure Vulnerability
IBM WebSphere Application Server Administration Console DoS vulnerability
Apache UserDir Sensitive Information Disclosure

bozohttpd Security Bypass Vulnerability

Take action and discover your vulnerabilities