HTTP File Server 2.2 - Security Bypass / Denial of Service

EDB-ID:

33841

CVE:

N/A




Platform:

Windows

Date:

2010-04-19


source: https://www.securityfocus.com/bid/39544/info

HTTP File Server is prone to multiple vulnerabilities including a security-bypass issue and a denial-of-service issue.

Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions. 

http://www.example.com/protected_folder/secret_file.txt%00
http://www.example.com/?search=%25%25