10 lines
No EOL
582 B
Text
10 lines
No EOL
582 B
Text
source: https://www.securityfocus.com/bid/2809/info
|
|
|
|
Acme.Serve is a free, open-source, embeddable webserver written in Java. It is small, is intended to provide minimal functionality, and is fully compatible with JavaServer.
|
|
|
|
Acme.Serve 1.7 comes with a webserver that listens on port 9090. This webserver allows clients to browse the filesystem. By default, this webserver is enabled and accessible by any remote host on the Internet.
|
|
|
|
If an attacker were to connect, they could view possibly sensitive information.
|
|
|
|
|
|
http://potentialvictim:9090//etc/shadow to view '/etc/shadow'. |