Vulnerabilities > CVE-2003-1137 - Remote Information Disclosure vulnerability in Charles Steinkuehler Sh-Httpd 0.3/0.4

CVSS 5.0 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

PARTIAL

Integrity impact

NONE

Availability impact

NONE

network

low complexity

charles-steinkuehler

exploit available

NVD

Published: 2003-10-27

Updated: 2017-07-11

Summary

Charles Steinkuehler sh-httpd 0.3 and 0.4 allows remote attackers to read files or execute arbitrary CGI scripts via a GET request that contains an asterisk (*) wildcard character.

Vulnerable Configurations

Part	Description	Count
Application	Charles_Steinkuehler Charles Steinkuehler SH Httpd 0.3 Charles Steinkuehler SH Httpd 0.4	2

Exploit-Db

description	SH-HTTPD 0.3/0.4 Character Filtering Remote Information Disclosure Vulnerability. CVE-2003-1137. Remote exploit for linux platform
id	EDB-ID:23295
last seen	2016-02-02
modified	2003-10-27
published	2003-10-27
reporter	dong-h0un U
source	https://www.exploit-db.com/download/23295/
title	SH-HTTPD 0.3/0.4 Character Filtering Remote Information Disclosure Vulnerability

Summary

Vulnerable Configurations

Exploit-Db

References