cbcvebase.
CVE-2013-0348
published 2013-12-13

CVE-2013-0348: thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive…

PriorityP44low2.1CVSS 2.0
AVLACLAuNCPINAN
EPSS
0.52%
40.3th percentile
thttpd.c in sthttpd before 2.26.4-r2 and thttpd 2.25b use world-readable permissions for /var/log/thttpd.log, which allows local users to obtain sensitive information by reading the file.

Affected

11 ranges
VendorProductVersion rangeFixed in
acmethttpd
fedoraprojectfedora
fedoraprojectfedora
open_source_development_teamsthttpd<= 2.26.4
open_source_development_teamsthttpd
open_source_development_teamsthttpd
open_source_development_teamsthttpd
open_source_development_teamsthttpd
opensuseopensuse
opensuseopensuse
opensuseopensuse
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.