漏洞类别:CGI
漏洞等级: 
漏洞信息
MultiThreaded is a simple HTTP Server.
MultiThreaded HTTP server contains a vulnerability that could allow an unauthenticated, remote attacker to gain access to sensitive information by means of directory traversal attacks.
Affected Versions:
MultiThreaded HTTP Server v1.1
QID Detection Logic:
This QID launches a TELNET request to the HTTP port and requests for sensitive files such as etc/passwd using directory traversal characters.
漏洞危害
Successful exploitation allows an unauthenticated remote attacker to gain access to sensitive information by means of directory traversal attacks.
解决方案
N/A
Workaround:
Customers are advised to contact the vendor for updates pertaining to this vulnerability.
If customers are unable to install updated versions, they are advised to use alternative products.
0daybank
文章评论