Summary
Simple web-server is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue will allow an attacker to view arbitrary local files within the context of the webserver. Information harvested may aid in launching further attacks.
Simple web-server 1.2 is vulnerable
other versions may also be
affected.
References
Severity
Classification
-
CVSS Base Score: 5.0
AV:N/AC:L/Au:N/C:N/I:N/A:P
Related Vulnerabilities
- Apache 'mod_proxy_http' 2.2.9 for Unix Timeout Handling Information Disclosure Vulnerability
- IBM WebSphere Application Server 'plugin-key.kdb' Information Disclosure Vulnerability
- httpdASM Directory Traversal Vulnerability
- IBM WebSphere Application Server Multiple CSRF Vulnerabilities
- Apache Tomcat Partial HTTP Requests DoS Vulnerability (Windows)