Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2002-1238

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2002-1238
Last Modified 10 Sep 2008 03:14:09
Published 12 Nov 2002 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2002-1238

Summary

Peter Sandvik's Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restrictions for files via an HTTP request with a sequence of multiple / (slash) characters such as http://www.example.com///file/.

Vulnerable Systems

Application

  • Peter Sandvik Simple Web Server 0.5.1


References

XF - simple-server-file-access(10563)

BID - 6145

MISC - http://www.idefense.com/advisory/11.08.02a.txt

BUGTRAQ - 20021108 iDEFENSE Security Advisory 11.08.02a: File Disclosure Vulnerability in Simple Web Server


Last Updated: 27 May 2016 10:37:15