CVE-1999-1456
CVSS 2.0 Score 5.0 of 10 (medium)
Details
Published Dec 31, 1999
Updated: Nov 20, 2024
Summary
CVE-1999-1456 is a vulnerability affecting the thttpd HTTP server version 2.03 and earlier. Attackers can exploit this issue by making a GET request with a filename that contains more than one leading slash. This allows the attacker to read arbitrary files on the targeted system, posing a significant security risk. The vulnerability can be mitigated by upgrading to a patched version of the thttpd server or implementing appropriate access controls.
Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.
Share