Roxen Remote File Access Vulnerability

Roxen webserver is a powerful http server that runs on Unix and Windows platforms.

Roxen contains a remotely exploitable vulnerability in it's handling of encoded URLS in certain optional modules. The vulnerability may allow for an attacker to retrieve webserver readable files from arbitrary locations in the server filesystem.

When the CGI module is in use, this vulnerability may allow for remote command execution.


 

Privacy Statement
Copyright 2010, SecurityFocus