Summary
HTTP File Server is prone to multiple vulnerabilities including a security- bypass issue and a denial-of-service issue.
Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions.
Solution
Reportedly the vendor has fixed the issue. Please see the references for more information.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Cherokee Web Server Malformed Packet Remote Denial of Service Vulnerability
- HTTP File Server Security Bypass and Denial of Service Vulnerabilities
- IBM WebSphere Application Server Multiple Vulnerabilities
- IBM HTTP Server Multiple Cross Site Scripting Vulnerabilities
- IIS 5.0 Sample App reveals physical path of web root