Bozohttpd Security Bypass Vulnerability Network Vulnerability

Summary

bozohttpd is prone to a security-bypass vulnerability. An attacker can exploit this issue to bypass certain security restrictions and gain access to restricted content. This can lead to other attacks. bozohttpd 20090522 and 20100509 are vulnerable other versions may also be affected.

Solution

Updates are available. Please see the references for more information.

References

http://www.eterna.com.au/bozohttpd/
https://bugs.launchpad.net/ubuntu/+source/bozohttpd/+bug/582473
https://www.securityfocus.com/bid/42021

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-2195, CVE-2010-2320

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Apache Tomcat Denial Of Service Vulnerability (Windows)
CA ARCserver D2D GWT RPC Request Multiple Vulnerabilities
IBM WebSphere Application Server (WAS) Multiple Vulnerabilities 02 - March 2011
Ecava IntegraXor Directory Traversal Vulnerability
Acritum Femitter Server 1.03 Multiple Remote Vulnerabilities

bozohttpd Security Bypass Vulnerability

Take action and discover your vulnerabilities