HTTP File Server Security Bypass And Denial Of Service Vulnerabilities Network Vulnerability

Summary

HTTP File Server is prone to multiple vulnerabilities including a security- bypass issue and a denial-of-service issue. Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions.

Solution

Reportedly the vendor has fixed the issue. Please see the references for more information.

References

http://aluigi.altervista.org/adv/hfsref-adv.txt
http://www.rejetto.com/hfs/?f=intro
http://www.securityfocus.com/bid/39544

Updated on 2015-03-25

Severity

Classification

CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Cherokee Web Server Malformed Packet Remote Denial of Service Vulnerability
HTTP File Server Security Bypass and Denial of Service Vulnerabilities
IBM WebSphere Application Server Multiple Vulnerabilities
IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
IIS 5.0 Sample App reveals physical path of web root

Take action and discover your vulnerabilities