header-logo
Suggest Exploit
vendor:
Simple Web Server
by:
SecurityFocus
5
CVSS
MEDIUM
Directory Traversal
22
CWE
Product Name: Simple Web Server
Affected Version From: All versions
Affected Version To: All versions
Patch Exists: YES
Related CWE: CVE-2002-0647
CPE: o:simpleweb:simple_web_server
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Windows, Linux, Mac
2002

Simple Web Server Directory Traversal

Simple Web Server is vulnerable to a directory traversal attack due to improper sanitization of web requests. By adding a slash-slash sequence ('//') to a URI, an attacker can bypass access controls and disclose files on the vulnerable web server.

Mitigation:

Ensure that web requests are properly sanitized to prevent directory traversal attacks.
Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/6145/info

Simple Web Server does not properly sanitize web requests. By adding a slash-slash sequence ('//') to a URI, it is possible for an attacker to disclose files on the vulnerable web server, effectively bypassing any access controls. 

http://server.com///secret/file

Navigation

Suggest Exploit

Services By CQR