Sensitive File Disclosure in Acme Thttpd Secure Webserver

Sensitive File Disclosure in Acme Thttpd Secure Webserver

CVE-2001-0892 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

Acme Thttpd Secure Webserver before 2.22, with the chroot option enabled, allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.

Learn more about our Web App Pen Testing.