BugTraq
Back to list
|
Post reply
SHTTPD V1.38 server source code disclosure
Jun 23 2007 05:21PM
imprili gmail com
SHTTPD V1.38 server source code disclosure
------------------------------------
link:http://shttpd.sourceforge.net/
info: The vulnerability is caused due to a parser error of the filename
extension supplied by the user in the URL.
This can be exploited to retrieve the source code of script files.
POC: http://127.0.0.1/test.php%20
Bug Found By: Shay priel aka Prili - imprili[at]gmail.com
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
------------------------------------
link:http://shttpd.sourceforge.net/
info: The vulnerability is caused due to a parser error of the filename
extension supplied by the user in the URL.
This can be exploited to retrieve the source code of script files.
POC: http://127.0.0.1/test.php%20
Bug Found By: Shay priel aka Prili - imprili[at]gmail.com
[ reply ]