AI Score
Confidence
High
EPSS
Percentile
62.0%
The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist.
archives.neohapsis.com/archives/bugtraq/2000-02/0417.html
www.securityfocus.com/bid/1016