5
CVSSv2

CVE-2001-0200

Published: 03/05/2001 Updated: 05/09/2008
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

HSWeb 2.0 HTTP server allows remote malicious users to obtain the physical path of the server via a request to the /cgi/ directory, which will list the path if directory browsing is enabled.

Vulnerable Product Search on Vulmon Subscribe to Product

heat-on software hsweb 2.0

Exploits

source: wwwsecurityfocuscom/bid/2336/info Requesting a specially crafted URL will make it possible for a remote attacker to disclose the physical path to the web root and peruse the entire directory listing target/cgi/ ...