Snowblind 1.0/1.1 - Web Server File Disclosure
| EKU-ID: 28085 | CVE: CVE-2003-0312;OSVDB-4164 | OSVDB-ID: |
| Author: euronymous | Published: 2003-05-16 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28085 | CVE: CVE-2003-0312;OSVDB-4164 | OSVDB-ID: |
| Author: euronymous | Published: 2003-05-16 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7618/info It has been announced that Snowblind Web Server is vulnerable to a condition that may result in the disclosure of potentially sensitive information. According to the report, Snowblind Web Server does not perform correct access validation on client requested paths which include "../" character sequences. http://www.example.com/../../windows/system.ini http://www.example.com/internal.sws?../../windows/system.ini