PT-2002-1498 · Xerver · Xerver Free Web Server
Published
2002-06-11
·
Updated
2008-09-05
·
CVE-2002-0447
CVSS v2.0
5.0
Medium
| Vector | AV:N/AC:L/Au:N/C:P/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Xerver Free Web Server versions 2.10 and earlier
Description
A directory traversal issue allows remote attackers to list arbitrary directories by including a .. (dot dot) in an HTTP GET request.
Recommendations
For versions 2.10 and earlier, update to a version later than 2.10 to resolve the issue.
Exploit
Fix
Found an issue in the description? Have something to add? Feel free to write us 👾
Related Identifiers
Affected Products
Xerver Free Web Server