source: http://www.securityfocus.com/bid/8687/info It has been reported that a vulnerability present in TCLHttpd allows for attackers to view the contents of arbitrary directories on affected web servers. According to the report, the input validation implemented to protect against this is inadequate and can be evaded easily by specifying the absolute path of the requested directory. The discoverer of this vulnerability has stated that version 3.4.2 is affected. It is likely that prior versions are also vulnerable. http://example/images/?pattern=/*&sort=name
Related Exploits
Trying to match OSVDBs (1): 3761Other Possible E-DB Search Terms: TCLhttpd 3.4.2, TCLhttpd
Date | D | V | Title | Author |
---|---|---|---|---|
2003-09-24 |
![]() |
TCLHttpd 3.4.2 - Multiple Cross-Site Scripting Vulnerabilities | Phuong Nguyen |