Roxen Web Server /%00/ Encoded Request Forced Directory Listing

medium Nessus Plugin ID 10479

Synopsis

The remote web server is affected by an information disclosure vulnerability.

Description

The version of Roxen Web Server running on the remote host is affected by an information disclosure vulnerability. An unauthenticated, remote attacker can exploit this by sending a crafted URL request with '/%00/' appended to the URI, which causes the server to display a listing of a remote directory that may contain sensitive files.

Solution

Upgrade to the latest version of Roxen.

See Also

http://web.archive.org/web/20051104160643/http://archives.neohapsis.com:80/archives/bugtraq/2000-07/0307.html

Plugin Details

Severity: Medium

ID: 10479

File Name: roxen_percent.nasl

Version: 1.28

Type: remote

Family: Web Servers

Published: 7/22/2000

Updated: 11/15/2018

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 3.9

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: cpe:/a:roxen:webserver

Required KB Items: www/roxen

Exploit Ease: No exploit is required

Exploited by Nessus: true

Vulnerability Publication Date: 7/22/2000

Reference Information

CVE: CVE-2000-0671

BID: 1510