CyberSec.Space Logo
返回 CVE 浏览器

CVE-2011-0751

HIGH
7.5
CVSS Severity Score
EPSS Score0.0060%
EPSS Percentile26.40th
Published2011年3月16日
Last Modified2026年4月29日

Vulnerability Description

Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI.

Affected Platforms (CPE)

📦
Nazgul

Nostromo

<= 1.9.3
📦
Nazgul

Nostromo

= 0.1
📦
Nazgul

Nostromo

= 0.2
📦
Nazgul

Nostromo

= 0.3
📦
Nazgul

Nostromo

= 0.4
📦
Nazgul

Nostromo

= 0.5
📦
Nazgul

Nostromo

= 0.6
📦
Nazgul

Nostromo

= 0.7
📦
Nazgul

Nostromo

= 0.8
📦
Nazgul

Nostromo

= 0.9
📦
Nazgul

Nostromo

= 1.0
📦
Nazgul

Nostromo

= 1.1
📦
Nazgul

Nostromo

= 1.2
📦
Nazgul

Nostromo

= 1.3
📦
Nazgul

Nostromo

= 1.4
📦
Nazgul

Nostromo

= 1.5
📦
Nazgul

Nostromo

= 1.5.1
📦
Nazgul

Nostromo

= 1.6
📦
Nazgul

Nostromo

= 1.7
📦
Nazgul

Nostromo

= 1.7.1
📦
Nazgul

Nostromo

= 1.7.2
📦
Nazgul

Nostromo

= 1.7.3
📦
Nazgul

Nostromo

= 1.7.4
📦
Nazgul

Nostromo

= 1.7.5
📦
Nazgul

Nostromo

= 1.7.6
📦
Nazgul

Nostromo

= 1.7.7
📦
Nazgul

Nostromo

= 1.7.8
📦
Nazgul

Nostromo

= 1.7.9
📦
Nazgul

Nostromo

= 1.8
📦
Nazgul

Nostromo

= 1.8.1
📦
Nazgul

Nostromo

= 1.8.2
📦
Nazgul

Nostromo

= 1.8.3
📦
Nazgul

Nostromo

= 1.8.4
📦
Nazgul

Nostromo

= 1.8.5
📦
Nazgul

Nostromo

= 1.8.6
📦
Nazgul

Nostromo

= 1.8.7
📦
Nazgul

Nostromo

= 1.8.8
📦
Nazgul

Nostromo

= 1.8.9
📦
Nazgul

Nostromo

= 1.9
📦
Nazgul

Nostromo

= 1.9.1
📦
Nazgul

Nostromo

= 1.9.2

References & Advisories

🔗 http://osvdb.org/71235
🔗 http://secunia.com/advisories/43775
🔗 http://securityreason.com/securityalert/8140
🔗 http://www.nazgul.ch/dev_nostromo.html
🔗 http://www.redteam-pentesting.de/advisories/rt-sa-2011-001
🔗 http://www.securityfocus.com/archive/1/517026/100/0/threaded
🔗 http://www.securityfocus.com/bid/46880
🔗 http://www.vupen.com/english/advisories/2011/0674

相关漏洞威胁

CVE-2019-162789.8

Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code executi...

CVE-2019-162797.5

A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a...

CVE-2026-121917.8

A vulnerability was found in Comma AI Openpilot 0.11. This issue affects the function pickle.load/pickle.loads of the file selfdri...

CVE-2026-121905.3

A vulnerability has been found in Genspark AI Workspace App 2.8.4 on Android. This vulnerability affects unknown code of the compo...