CVE-2013-0348 | SynScan

Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2013-0348

thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.

Published: Dec 13, 2013
Updated: Apr 13, 2023
CVE: CVE-2013-0348
Severity: Low
Exploit:

CVSS v2:

Severity: Low
Score: 2.1
AV:L/AC:L/Au:N/C:P/I:N/A:N

CWEs:

CWE-264

Affected Software
References

Software	From	Fixed in
open_source_development_team / sthttpd	2.26.3	2.26.3.x
open_source_development_team / sthttpd	2.26	2.26.x
open_source_development_team / sthttpd	2.26.1	2.26.1.x
open_source_development_team / sthttpd	2.26.2	2.26.2.x
open_source_development_team / sthttpd	-	2.26.4.x
fedoraproject / fedora	17	17.x
fedoraproject / fedora	18	18.x
opensuse / opensuse	12.3	12.3.x
opensuse / opensuse	12.2	12.2.x
gentoo / linux	-	-
opensuse / opensuse	13.1	13.1.x
acme / thttpd	2.25-b	2.25-b.x