Exploit Netscape FastTrack Server 3.0.1 - Fasttrack Root Directory Listing

Exploiter

Хакер
34,644
0
18 Дек 2022
EDB-ID
19363
Проверка EDB
  1. Пройдено
Автор
JESúS LóPEZ DE AGUILETA
Тип уязвимости
REMOTE
Платформа
MULTIPLE
CVE
cve-1999-0239
Дата публикации
1999-06-07
Netscape FastTrack Server 3.0.1 - Fasttrack Root Directory Listing
Код:
source: https://www.securityfocus.com/bid/481/info

Netscape's Fasttrack server is supposed to display a directory listing if the follwing three conditions are met:
1: Directory listing is enabled
2: No filename is specified in the requested URL
3: There is no index file in that directory (defaults are index.html and home.html)

However, even with an index file in the directory, if you telnet to the httpd port and type 'get/' you will get a directory listing of the root directory. 

Telnet to the httpd port and type 'get/' to get a root directory listing.
 
Источник
www.exploit-db.com

Похожие темы