{"title": "Auto Directory Index Direct GET Request Hidden File Access", "published": "2003-02-12T00:00:00", "references": [], "type": "osvdb", "enchantments": {"score": {"value": -0.1, "vector": "NONE", "modified": "2017-04-28T13:20:02", "rev": 2}, "dependencies": {"references": [], "modified": "2017-04-28T13:20:02", "rev": 2}, "vulnersScore": -0.1}, "cvelist": [], "viewCount": 0, "affectedSoftware": [{"version": "1.0.2", "name": "Auto Directory Index", "operator": "eq"}, {"version": "1.0.0", "name": "Auto Directory Index", "operator": "eq"}, {"version": "1.0.3", "name": "Auto Directory Index", "operator": "eq"}, {"version": "1.0.1", "name": "Auto Directory Index", "operator": "eq"}], "id": "OSVDB:7120", "modified": "2003-02-12T00:00:00", "href": "https://vulners.com/osvdb/OSVDB:7120", "edition": 1, "description": "## Vulnerability Description\nAuto Directory Index contains a flaw that may lead to an unauthorized information disclosure. \u00a0The issue is triggered when a remote attacker directly requests a file or directory flagged as 'hidden', which will disclose the contents of the file/directory resulting in a loss of confidentiality.\n## Solution Description\nUpgrade to version 1.0.4 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.\n## Short Description\nAuto Directory Index contains a flaw that may lead to an unauthorized information disclosure. \u00a0The issue is triggered when a remote attacker directly requests a file or directory flagged as 'hidden', which will disclose the contents of the file/directory resulting in a loss of confidentiality.\n## References:\nVendor URL: http://autoindex.sourceforge.net/\n[Vendor Specific Advisory URL](http://autoindex.sourceforge.net/changeLog.html)\n", "bulletinFamily": "software", "reporter": "OSVDB", "cvss": {"vector": "NONE", "score": 0.0}, "lastseen": "2017-04-28T13:20:02"}

{}