CVE-2004-1990

Name of the Vulnerable Software and Affected Versions Aldo's Web Server (aweb) version 1.5

Description The issue allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.

Recommendations For version 1.5, consider restricting access to sensitive information until a patch is available. As a temporary workaround, review and sanitize all input to prevent malformed requests from being processed.