Heat-On HSWeb Web Server Path Disclosure Vulnerability
BID:2336
Info
Heat-On HSWeb Web Server Path Disclosure Vulnerability
| Bugtraq ID: | 2336 |
| Class: | Input Validation Error |
| CVE: |
CVE-2001-0200 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Feb 04 2001 12:00AM |
| Updated: | Jul 11 2009 04:46AM |
| Credit: | Discovered and posted to Bugtraq by Joe Testa <[email protected]> on Feb 4, 2001. |
| Vulnerable: |
Heat-On Software HSWeb 2.0 |
| Not Vulnerable: | |
Discussion
Heat-On HSWeb Web Server Path Disclosure Vulnerability
Requesting a specially crafted URL will make it possible for a remote attacker to disclose the physical path to the web root and peruse the entire directory listing.
Requesting a specially crafted URL will make it possible for a remote attacker to disclose the physical path to the web root and peruse the entire directory listing.
Solution / Fix
Heat-On HSWeb Web Server Path Disclosure Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Heat-On HSWeb Web Server Path Disclosure Vulnerability
References:
References:
- HSWeb Product Homepage (Heat-On Software)