Agostino Sarubbo reported on the oss-security mailing list  that, on Gentoo, thttpd log file is world-readable. This could allow an unprivileged user to read the log file.
Relevant (sthttpd) upstream patch:
This issue affects the versions of the thttpd package, as shipped with Fedora release of 17, 18, Fedora EPEL-5, and Fedora EPEL-6. Please schedule an update.
Created thttpd tracking bugs for this issue
Affects: fedora-all [bug 924858]
Affects: epel-all [bug 924859]
This CVE Bugzilla entry is for community support informational purposes only as it does not affect a package in a commercially supported Red Hat product. Refer to the dependent bugs for status of those individual community products.