HTTP File Server 2.2 - Security Bypass / Denial of Service
| EKU-ID: 38637 | CVE: | OSVDB-ID: |
| Author: Luigi Auriemma | Published: 2010-04-19 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 38637 | CVE: | OSVDB-ID: |
| Author: Luigi Auriemma | Published: 2010-04-19 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/39544/info HTTP File Server is prone to multiple vulnerabilities including a security-bypass issue and a denial-of-service issue. Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions. http://www.example.com/protected_folder/secret_file.txt%00 http://www.example.com/?search=%25%25