Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2004-0281


Vulnerability Score 5.0 5.0
CVE Id CVE-2004-0281
Last Modified 05 Sep 2008 04:38:01
Published 23 Nov 2004 12:00:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact NONE NONE
Availability Impact NONE NONE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE



Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.

Vulnerable Systems


  • Caucho Technology Resin 2.1.12


XF - resin-dotdot-directory-traversal(15087)

BID - 9617

BUGTRAQ - 20040205 Apache Http Server Reveals Script Source Code to Remote Users And Any Users Can Access Resin Forbidden Directory ("/WEB-INF/")

Last Updated: 27 May 2016 10:38:32