Aiglon Web Server 2.0 - Installation Path Information Disclosure

EDB-ID:

22755

CVE:

N/A


Author:

Ziv Kamir

Type:

remote


Platform:

Multiple

Date:

2003-06-10


source: https://www.securityfocus.com/bid/7867/info

A weakness has been discovered in Aiglon Web Server, which may provide for the disclosure of sensitive information to remote attackers.

It has been reported that a remote attacker may cause the web server to disclose installation path details by making a malformed HTTP request. The remote attacker may potentially use the disclosed information to aid in further "intelligent" attacks against the host running the affected software.

http://www.example.com/index.html*