Yaws · Yaws Webserver · CVE-2005-2008
**Name of the Vulnerable Software and Affected Versions**
Yaws Webserver versions 1.55 and earlier
**Description**
The issue allows remote attackers to obtain the source code for yaws scripts by sending a request to a yaws script with a trailing %00 (null).
**Recommendations**
For Yaws Webserver versions 1.55 and earlier, update to a version later than 1.55 to resolve the issue.