Vulnerabilities > CVE-2004-2516 - Directory Traversal vulnerability in MyServer
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Directory traversal vulnerability in myServer 0.7 allows remote attackers to list arbitrary directories via an HTTP GET command with a large number of "./" sequences followed by "../" sequences.
Vulnerable Configurations
| Part | Description | Count |
|---|---|---|
| Application | 1 |
Exploit-Db
| description | MyServer 0.7 Directory Traversal Vulnerability. CVE-2004-2516. Remote exploit for windows platform |
| id | EDB-ID:24600 |
| last seen | 2016-02-02 |
| modified | 2004-09-15 |
| published | 2004-09-15 |
| reporter | scrap |
| source | https://www.exploit-db.com/download/24600/ |
| title | myserver 0.7 - Directory Traversal Vulnerability |
Nessus
| NASL family | Web Servers |
| NASL id | MYSERVER_TRAVERSAL.NASL |
| description | This web server is running MyServer <= 0.4.3 or 0.7. This version contains a directory traversal vulnerability, that allows remote users with no authentication to read files outside the webroot. You have to create a dot-dot URL with the same number of |
| last seen | 2020-06-01 |
| modified | 2020-06-02 |
| plugin id | 11851 |
| published | 2003-09-26 |
| reporter | Author Paul Johnston [email protected], Copyright (C) 2003-2018 Westpoint Ltd |
| source | https://www.tenable.com/plugins/nessus/11851 |
| title | MyServer 0.4.3 / 0.7 Crafted Traversal Arbitrary File Access |
References
- http://archives.neohapsis.com/archives/vulnwatch/2004-q3/0052.html
- http://secunia.com/advisories/12561
- http://securitytracker.com/id?1011278
- http://sourceforge.net/project/shownotes.php?release_id=267444
- http://www.osvdb.org/10001
- http://www.securityfocus.com/bid/11189
- https://exchange.xforce.ibmcloud.com/vulnerabilities/17390