PT-2009-5835 · Xerver · Xerver Http Server

Dr_Ide · Published 2009-10-05 · Updated 2017-09-19 · CVE-2009-3544

CVSS v2.0: 5.0 (Medium)

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions

Xerver HTTP Server version 4.32

Description

The issue allows remote attackers to obtain the source code for a web page via a specially crafted HTTP request. This is achieved by adding ::$DATA after the HTML file name in the request.

Recommendations

For Xerver HTTP Server version 4.32, consider restricting access to sensitive web pages until a fix is available. As a temporary workaround, avoid using the ::$DATA suffix in HTTP requests to minimize the risk of source code exposure.
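
Added example (not part of the original advisory or of Xerver's code): a log check that flags requests whose path carries the ::$DATA suffix described above, including percent-encoded and double-encoded forms. The Common Log Format layout, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# The suffix named in the advisory, matched case-insensitively.
ADS_SUFFIX = re.compile(r"::\$data", re.IGNORECASE)

# Request field of a Common Log Format line (assumed log layout).
REQUEST_FIELD = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')


def decode_fully(value, max_rounds=3):
    """Percent-decode repeatedly so double-encoded suffixes are also seen."""
    for _ in range(max_rounds):
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    return value


def flag_requests(log_lines):
    """Return (line_number, decoded_path) for each request path with the suffix."""
    hits = []
    for number, line in enumerate(log_lines, start=1):
        match = REQUEST_FIELD.search(line)
        if not match:
            continue  # not a parsable request line
        # Only the path names a file; the query string is ignored here.
        path = decode_fully(match.group("target").split("?", 1)[0])
        if ADS_SUFFIX.search(path):
            hits.append((number, path))
    return hits


# Constructed sample lines using documentation addresses, not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [05/Oct/2009:10:00:01 +0000] "GET /index.html HTTP/1.1" 200 512',
    '192.0.2.11 - - [05/Oct/2009:10:00:07 +0000] "GET /index.html::$DATA HTTP/1.1" 200 2048',
    '192.0.2.11 - - [05/Oct/2009:10:00:09 +0000] "GET /admin.html%3a%3a%24data HTTP/1.1" 200 4096',
    '192.0.2.12 - - [05/Oct/2009:10:00:15 +0000] "GET /a.html%253A%253A%2524DATA?x=1 HTTP/1.1" 200 900',
    '192.0.2.13 - - [05/Oct/2009:10:00:20 +0000] "GET /search?q=::$DATA HTTP/1.1" 200 300',
]

if __name__ == "__main__":
    for number, path in flag_requests(SAMPLE_LOG):
        print(f"line {number}: {path}")
```

The same decode-then-match check can sit in a reverse proxy or request filter in front of the server to reject such paths before they reach the file system.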

Exploit

Fix

Information Disclosure

Weakness Enumeration

Related Identifiers

CVE-2009-3544

Affected Products

Xerver Http Server