CVE-2006-2309

Name of the Vulnerable Software and Affected Versions EServ/3 version 3.25

Description The issue allows remote attackers to obtain sensitive information via crafted HTTP requests containing dot, space, and slash characters, which reveals the source code of script files.

Recommendations For EServ/3 version 3.25, consider restricting access to the HTTP service until a patch is available. As a temporary workaround, avoid using the HTTP service with crafted requests containing dot, space, and slash characters to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.