Detections
Analytics

OmniHTTPd Encoded Space Request Script Source Disclosure

medium Nessus Plugin ID 10716

Synopsis

The remote web server is vulnerable to an information disclosure attack.

Description

OmniHTTPd is affected by a vulnerability that permits malicious users to get the full source code of scripting files.

By appending an ASCII/Unicode space char '%20' to a script's suffix, the web server will no longer interpret it and instead send it back as a simple document in the same manner as it would an HTML document.

The flaw does not work with files located in CGI directories (e.g cgibin, cgi-win).

Solution

Upgrade to OmniHTTPd Professional 2.09 or later.

See Also

https://seclists.org/bugtraq/2001/May/244

http://www.nessus.org/u?fc21307e

Plugin Details

Severity: Medium

ID: 10716

File Name: Omnihttpd_pro_source_disclosure.nasl

Version: 1.35

Type: remote

Family: CGI abuses

Published: 8/13/2001

Updated: 1/19/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: Medium

Base Score: 5

Temporal Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Information

Exploit Available: true

Exploit Ease: No exploit is required

Vulnerability Publication Date: 5/26/2001

Reference Information

CVE: CVE-2001-0778

BID: 2788