Threat level definition
Search:
Home
Bugtraq
Vulnerabilities
Mailing Lists
Jobs
Tools
Beta Programs
News
Infocus
Foundations
Microsoft
Unix
IDS
Incidents
Virus
Pen-Test
Firewalls
Columnists
Mailing Lists
Newsletters
Bugtraq
Focus on IDS
Focus on Linux
Focus on Microsoft
Forensics
Pen-test
Security Basics
Vuln Dev
Vulnerabilities
Jobs
Job Opportunities
Resumes
Job Seekers
Employers
Tools
RSS
News
Vulns
Security Research
Back to list
|
Post reply
SHTTPD V1.38 server source code disclosure
Jun 23 2007 05:21PM
imprili gmail com
SHTTPD V1.38 server source code disclosure
------------------------------------
link:http://shttpd.sourceforge.net/
info: The vulnerability is caused due to a parser error of the filename
extension supplied by the user in the URL.
This can be exploited to retrieve the source code of script files.
POC: http://127.0.0.1/test.php%20
Bug Found By: Shay priel aka Prili - imprili[at]gmail.com
[ reply ]
Privacy Statement
Copyright 2008, SecurityFocus
------------------------------------
link:http://shttpd.sourceforge.net/
info: The vulnerability is caused due to a parser error of the filename
extension supplied by the user in the URL.
This can be exploited to retrieve the source code of script files.
POC: http://127.0.0.1/test.php%20
Bug Found By: Shay priel aka Prili - imprili[at]gmail.com
[ reply ]