CVE-2001-0286

Name of the Vulnerable Software and Affected Versions A1 HTTP server version 1.0a

Description The issue allows remote attackers to read arbitrary files via a .. (dot dot) in an HTTP GET request, specifically through "HTTP GET" requests. This is a directory traversal vulnerability.

Recommendations For A1 HTTP server version 1.0a, consider restricting access to sensitive files and directories to minimize the risk of exploitation until a patch is available. As a temporary workaround, disabling the handling of .. (dot dot) sequences in HTTP GET requests may help mitigate the issue.