Sambar Server 5.1 - Script Source Disclosure
| EKU-ID: 26897 | CVE: CVE-2002-0737;OSVDB-5122 | OSVDB-ID: |
| Author: pgrundl | Published: 2002-04-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 26897 | CVE: CVE-2002-0737;OSVDB-5122 | OSVDB-ID: |
| Author: pgrundl | Published: 2002-04-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/4533/info An issue has been discovered in Sambar Server, which could allow a user to reveal the source code of script files. Submitting a request for a known script file along with a space and null character (%00), will successfully bypass the serverside URL parsing. http://server/cgi-bin/environ.pl+%00