Vulnerabilities > CVE-2005-1366 - Remote Source Code Disclosure vulnerability in PServ

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
PARTIAL
Integrity impact
PARTIAL
Availability impact
PARTIAL
network
low complexity
pico-server
exploit available
NVD
Published: 2005-05-16
Updated: 2016-10-18

Summary

Pico Server (pServ) 3.2 and earlier allows remote attackers to obtain the source code for CGI scripts via "dirname/../cgi-bin" in a URL.

Vulnerable Configurations

Part Description Count
Application
Pico_Server
4

Exploit-Db

descriptionPServ 3.2 Remote Source Code Disclosure Vulnerability. CVE-2005-1366. Webapps exploit for cgi platform
idEDB-ID:25666
last seen2016-02-03
modified2005-05-16
published2005-05-16
reporterClaus R. F. Overbeck
sourcehttps://www.exploit-db.com/download/25666/
titlePServ 3.2 - Remote Source Code Disclosure Vulnerability

Packetstorm

data sourcehttps://packetstormsecurity.com/files/download/39268/rt-sa-2005-011.txt
idPACKETSTORM:39268
last seen2016-12-05
published2005-08-14
reportertsyklon.informatik.rwth-aachen.de
sourcehttps://packetstormsecurity.com/files/39268/rt-sa-2005-011.txt.html
titlert-sa-2005-011.txt

References