cpe:/a:shttp:shttp:1.38 CVE-2007-6404 2007-12-17T13:46:00.000-05:00 2017-09-28T21:29:55.487-04:00 5.0 NETWORK LOW NONE NONE PARTIAL NONE http://nvd.nist.gov 2007-12-17T15:15:00.000-05:00 BUGTRAQ 20071207 Two vulnerabilities in Simple HTTPD 1.38 BID 26768 SREASON 3457 OSVDB 44013 EXPLOIT-DB 4700 MLIST [shttpd-general] 20071203 Security bugs in SHTTPD MISC http://aluigi.altervista.org/adv/shttpd-adv.txt Directory traversal vulnerability in Sergey Lyubka Simple HTTPD (shttpd) 1.38 and earlier on Windows allows remote attackers to read arbitrary files via a ..\ (dot dot backslash) in the URI.