Vulnerabilities > CVE-2007-3365 - Improper Handling of Case Sensitivity vulnerability in Myserverproject Myserver 0.8.9

047910
CVSS 7.5 - HIGH
Attack vector
NETWORK
Attack complexity
LOW
Privileges required
NONE
Confidentiality impact
HIGH
Integrity impact
NONE
Availability impact
NONE
network
low complexity
myserverproject
CWE-178
exploit available

Summary

MyServer 0.8.9 and earlier does not properly handle uppercase characters in filename extensions, which allows remote attackers to obtain sensitive information (script source code) via a modified extension, as demonstrated by post.mscgI.

Vulnerable Configurations

Part Description Count
Application
Myserverproject
2

Common Weakness Enumeration (CWE)

Exploit-Db

descriptionMyServer 0.8.9 Filename Parse Error Information Disclosure Vulnerability. CVE-2007-3365. Remote exploits for multiple platform
idEDB-ID:30219
last seen2016-02-03
modified2007-06-21
published2007-06-21
reporterShay Priel
sourcehttps://www.exploit-db.com/download/30219/
titleMyServer 0.8.9 Filename Parse Error Information Disclosure Vulnerability