Simple Server Directory Traversal Vulnerability
BID:2415
Info
Simple Server Directory Traversal Vulnerability
| Bugtraq ID: | 2415 |
| Class: | Input Validation Error |
| CVE: |
CVE-2001-0297 |
| Remote: | Yes |
| Local: | No |
| Published: | Feb 24 2001 12:00AM |
| Updated: | Jul 11 2009 04:46AM |
| Credit: | Reported to bugtraq by <[email protected]> on Feb 24, 2001 |
| Vulnerable: |
Dattaraj Rao Simple Server 1.0 |
| Not Vulnerable: | |
Discussion
Simple Server Directory Traversal Vulnerability
Simple Server is vulnerable to directory traversal attacks.
By submitting requests to the server which include '/../' sequences, an attacker can traverse the normal directory structure of the webserver, requesting files outside the webserver's directory structure.
Simple Server is vulnerable to directory traversal attacks.
By submitting requests to the server which include '/../' sequences, an attacker can traverse the normal directory structure of the webserver, requesting files outside the webserver's directory structure.
Exploit / POC
Simple Server Directory Traversal Vulnerability
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Currently the SecurityFocus staff are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Simple Server Directory Traversal Vulnerability
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently the SecurityFocus staff are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.