NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability

NCSA/Apache httpd ScriptAlias Source Retrieval Vulnerability

To retrieve the contents of http://targethost/cgi-bin/script.cgi an attacker would use the following URL, provided the directory cgi-bin is redirected using ScriptAlias:
http://targethost///cgi-bin/script.cgi