Directory Traversal in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.

Published : 2019-10-14 17:15 Updated : 2019-10-16 13:47

CVSS Score More info
Score 5.0 / 10
Vendor Product Version URI
Nazgul Nostromo Nhttpd 1.9.6 cpe:/a:nazgul:nostromo_nhttpd:1.9.6
  1. Nazgul (1) Search CVE
    1. Nostromo Nhttpd (1) Search CVE
      1. 1.9.6


ID Name Description Links
CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') The software uses external input to construct a pathname that is intended to identify a file or directory that is located underneath a restricted parent directory, but the software does not properly neutralize special elements within the pathname that can cause the pathname to resolve to a location that is outside of the restricted directory. CVE

History of changes

Date Event
2019-10-16 13:47
2019-10-14 17:15