CVE-2002-1454

Name of the Vulnerable Software and Affected Versions MyWebServer version 1.0.2

Description The issue allows remote attackers to determine the absolute path of the web document root. This is achieved by sending a request for a directory that does not exist, which in turn leaks the pathname in an error message.

Recommendations For MyWebServer version 1.0.2, consider modifying the error handling mechanism to avoid disclosing sensitive path information in error messages. As a temporary workaround, restrict access to non-existent directories to minimize the risk of exploitation.