header-logo
Suggest Exploit
vendor:
Roxen WebServer
by:
SecurityFocus
7.5
CVSS
HIGH
Directory Listing
22
CWE
Product Name: Roxen WebServer
Affected Version From: 2
Affected Version To: 2.0.69
Patch Exists: YES
Related CWE: N/A
CPE: a:roxen:roxen_webserver
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2002

Roxen Web Server Directory Listing Vulnerability

If a request containing the null character (%00) is made to the Roxen Web Server, the server will return directory contents, and the source of unparsed scripts and html pages.

Mitigation:

Upgrade to Roxen WebServer 2.0.69 or later
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/1510/info

If a request containing the null character (%00) is made to the Roxen Web Server, the server will return directory contents, and the source of unparsed scripts and html pages.

For example, a request to
http://www.server.com/%00

Will return the contents of the server's document root directory.

Versions of Roxen WebServer 2.0 prior to 2.0.69 are affected.

Navigation

Suggest Exploit

Services By CQR