OneHTTPD 0.6 - Directory Traversal

EDB-ID:

33890

CVE:

N/A




Platform:

Windows

Date:

2010-04-27


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux , the course required to become an Offensive Security Certified Professional (OSCP)

GET CERTIFIED

source: https://www.securityfocus.com/bid/39757/info

OneHTTPD is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input data.

Exploiting the issue may allow an attacker to obtain sensitive information that could aid in further attacks.

OneHTTPD 0.6 is vulnerable; other versions may also be affected. 

http://www.example.com/%C2../%C2../%C2../%C2../%C2../%C2../%C2../%C2../