CVE-1999-0678

A default configuration of Apache on Debian GNU/Linux sets the ServerRoot to /usr/doc, which allows remote users to read documentation files for the entire server...

(Repost) CwpApi : GetRelativePath() returns invalid paths (security advisory)

ACD Incorporated Security Advisory Project: Comprehensive Web Programming API Synopsis: GetRelativePath in CwpApi.php returns paths outside of the HTTP ServerRoot. Advisory date: January 18, 2002 New version: 1.1.1 1. In Brief: An updated CwpApi release is available which fixes a minor security b...

Perl Web Server 0.x - Directory Traversal

source: https://www.securityfocus.com/bid/2648/info Perl Web Server, an experimental cross-platform web server project, does not prevent a remote user from requesting documents outside the ServerRoot location of the virtual / directory. This means that if an attacker knows the location of a...

CVE-1999-0678

CVE-1999-0678 affects the Apache server configured on Debian GNU/Linux where the default ServerRoot is /usr/doc. This misconfiguration allows remote users to read documentation files for the entire server via the web interface. The issue is caused by serving the /usr/doc directory as part of the ...