Showing 1 - 2 of 2

CVE-2008-0410

Status Candidate

Overview

HTTP File Server (HFS) before 2.2c allows remote attackers to obtain configuration and usage details by using an id element such as <id>%version%</id> in HTTP Basic Authentication instead of a username and password, as demonstrated by placing this id element in the userinfo subcomponent of a URL.

Related Files

hfshack.txt: Posted Jan 24, 2008; Authored by Felipe Daragon, Alec Storm | Site syhunt.com; Syhunt HFSHack version 1.0b is an exploit for various vulnerabilities found in HFS versions 1.5 through 2.3.; tags | exploit, vulnerability; advisories | CVE-2008-0405, CVE-2008-0406, CVE-2008-0407, CVE-2008-0408, CVE-2008-0409, CVE-2008-0410; SHA-256 | cf5241d98b767c660b1da691f06531bdf11802f7be9b965f8b6a271445f08f40; Download | Favorite | View

hfs-xss.txt: Posted Jan 24, 2008; Authored by Felipe Daragon, Alec Storm | Site syhunt.com; HFS versions 2.3 through 2.0 suffer from cross site scripting and information disclosure vulnerabilities.; tags | exploit, vulnerability, xss, info disclosure; advisories | CVE-2008-0409, CVE-2008-0410; SHA-256 | c6417b3811c50e7ea4316acb3c097304bd8f5ebfd4d871f85cbc2532a0cd2f0d; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 247 files
Ubuntu 88 files
indoushka 49 files
Jasper Nota 25 files
Willem Westerhof 19 files
Gentoo 11 files
Jim Blankendaal 11 files
Debian 11 files
Apple 9 files
Martijn Baalman 9 files

File Archives

Systems

AIX (429)
Apple (2,099)
BSD (377)
CentOS (58)
Cisco (1,927)
Debian (7,085)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,534)
HPUX (880)
iOS (378)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (50,603)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (489)
RedHat (16,440)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,724)
UNIX (9,433)
UnixWare (187)
Windows (6,668)
Other

CVE-2008-0410

Overview

Related Files

File Archive:

August 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems