Vulnerabilities > CVE-2007-3365 - Improper Handling of Case Sensitivity vulnerability in Myserverproject Myserver 0.8.9

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

HIGH

Integrity impact

NONE

Availability impact

NONE

network

low complexity

myserverproject

CWE-178

exploit available

NVD

Published: 2007-06-22

Updated: 2024-11-21

Summary

MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI.

Vulnerable Configurations

Part	Description	Count
Application	Myserverproject Myserverproject Myserver - Myserverproject Myserver 0.8.9	2

Common Weakness Enumeration (CWE)

CWE-178 - Improper Handling of Case Sensitivity

Exploit-Db

description	MyServer 0.8.9 Filename Parse Error Information Disclosure Vulnerability. CVE-2007-3365. Remote exploits for multiple platform
id	EDB-ID:30219
last seen	2016-02-03
modified	2007-06-21
published	2007-06-21
reporter	Shay Priel
source	https://www.exploit-db.com/download/30219/
title	MyServer 0.8.9 Filename Parse Error Information Disclosure Vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References