COMMAND

    thttpd

SYSTEMS AFFECTED

    Systems using thttpd

PROBLEM

    Marc  Slemko  discovered  a  fairly  serious  security  problem in
    thttpd.  If you're not running chrooted, an attacker can use  this
    bug to  read files  outside of  your document  tree, for  instance
    /etc/passwd.  Obviously this warrants an immediate patch  release.
    The exploit is obvious from the fix.

SOLUTION

    If you are  running thttpd chrooted  (i.e. you start  it as root),
    then you are safe  from this bug.   Better install the fix  anyway
    though.  Tarchive available as usual at:

        http://www.acme.com/software/thttpd/