Bugtraq mailing list archives
SHTTPD V1.38 server source code disclosure
From: imprili () gmail com
Date: 23 Jun 2007 17:21:38 -0000
SHTTPD V1.38 server source code disclosure ------------------------------------ link:http://shttpd.sourceforge.net/ info: The vulnerability is caused due to a parser error of the filename extension supplied by the user in the URL. This can be exploited to retrieve the source code of script files. POC: http://127.0.0.1/test.php%20 Bug Found By: Shay priel aka Prili - imprili[at]gmail.com
Current thread:
- SHTTPD V1.38 server source code disclosure imprili (Jun 25)