Your submission was sent successfully! Close

CVE-2010-2320

Published: 02 August 2010

bozotic HTTP server (aka bozohttpd) before 20100621 allows remote attackers to list the contents of home directories, and determine the existence of user accounts, via multiple requests for URIs beginning with /~ sequences.

Priority

Low

Status

Package Release Status
bozohttpd
Launchpad, Ubuntu, Debian
Upstream Needs triage

Ubuntu 14.04 ESM (Trusty Tahr) Not vulnerable