Roxen WebServer 2.0.x - '%00' Request File/Directory Disclosure
| EKU-ID: 25678 | CVE: CVE-2000-0671;OSVDB-378 | OSVDB-ID: |
| Author: zorgon | Published: 2000-07-21 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25678 | CVE: CVE-2000-0671;OSVDB-378 | OSVDB-ID: |
| Author: zorgon | Published: 2000-07-21 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/1510/info If a request containing the null character (%00) is made to the Roxen Web Server, the server will return directory contents, and the source of unparsed scripts and html pages. For example, a request to http://www.server.com/%00 Will return the contents of the server's document root directory. Versions of Roxen WebServer 2.0 prior to 2.0.69 are affected.