This host is running bozotic HTTP server and is prone to information disclosure vulnerability.
Successful exploitation will allow attacker to determine the existence of a user and potentially disclose the user's files. Impact Level: Application
Upgrade to bozotic HTTP server version 20100621 or later, For updates refer to http://www.eterna.com.au/bozohttpd/
The server is not properly handling requests to a user's public_html folder while the folder does not exist. This can be exploited to determine the existence of user accounts via multiple requests for URIs beginning with /~ sequences.
bozotic HTTP server (aka bozohttpd) versions before 20100621.
- Apache Tomcat Multiple Security Bypass Vulnerabilities (Win)
- Kolibri Webserver 'HEAD' Request Processing Buffer Overflow Vulnerability
- bozotic HTTP server Denial of Service Vulnerability
- Acritum Femitter Server HTTP Request Remote File Disclosure Vulnerability
- Cherokee Web Server Malformed Packet Remote Denial of Service Vulnerability