Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2003-1137

Overview

Vulnerability Score 5.0 5.0
CVE Id CVE-2003-1137
Last Modified 05 Sep 2008 04:36:08
Published 27 Oct 2003 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2003-1137

Summary

Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character.

Vulnerable Systems

Application

  • Charles Steinkuehler Sh-httpd 0.3

  • Charles Steinkuehler Sh-httpd 0.4


References

BID - 8897

BUGTRAQ - 20031028 Re: sh-httpd `wildcard character' vulnerability

BUGTRAQ - 20031027 sh-httpd `wildcard character' vulnerability

XF - shtttpd-get-information-disclosure(13519)


Last Updated: 27 May 2016 10:38:14