PT-2000-1159 · Rhinosoft · Serv-U

Published

2000-02-29

Updated

2008-09-10

CVE-2000-0176

CVSS v2.0

5.0

Medium

Vector

AV:N/AC:L/Au:N/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Serv-U versions 2.5d and earlier

Description The default configuration of the software allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist.

Recommendations For Serv-U versions 2.5d and earlier, update the configuration to prevent information disclosure about the server's real pathname.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2000-0176

Affected Products

Serv-U

PT-2000-1159 · Rhinosoft · Serv-U

CVE-2000-0176

Related Identifiers

Affected Products

References · 3