Published: 23/10/2005 Updated: 11/07/2017

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

VMScore: 510

Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Xerver 4.17 allows remote malicious users to (1) obtain source code of scripts via a request with a trailing "." (dot) or (2) list directory contents via a trailing null character.

Vulnerable Product	Search on Vulmon	Subscribe to Product
xerver xerver 4.17h

source: wwwsecurityfocuscom/bid/15135/info Xerver is prone to multiple input validation vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker can exploit a vulnerability to disclose the contents of any Web accessible script Information obtained may aid in further atta ...

source: wwwsecurityfocuscom/bid/15135/info Xerver is prone to multiple input validation vulnerabilities These issues are due to a failure in the application to properly sanitize user-supplied input An attacker can exploit a vulnerability to disclose the contents of any Web accessible script Information obtained may aid in further at ...

NVD-CWE-Other http://www.securityfocus.com/bid/15135 http://www.osvdb.org/20075 http://www.osvdb.org/20076 http://securitytracker.com/id?1015079 http://secunia.com/advisories/17243 https://exchange.xforce.ibmcloud.com/vulnerabilities/22786 https://exchange.xforce.ibmcloud.com/vulnerabilities/22785 https://nvd.nist.gov https://www.exploit-db.com/exploits/26374/

CVE-2005-3293

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect