← back
CVE-2008-0408

CVE-2008-0408

EPSS 1.7%
HTTP File Server (HFS) before 2.2c allows remote attackers to append arbitrary text to the log file by using the base64 representation of this text during HTTP Basic Authentication.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://secunia.com/advisories/28631http://securityreason.com/securityalert/3582https://exchange.xforce.ibmcloud.com/vulnerabilities/39876http://www.rejetto.com/hfs/?f=wnhttp://www.securityfocus.com/archive/1/486874/100/0/threadedhttp://www.securityfocus.com/bid/27423http://www.syhunt.com/advisories/hfs-1-username.txthttp://www.syhunt.com/advisories/hfshack.txt