Savant Web Server CGI Script Source Code Disclosure Vulnerability

Savant is a freeware Web server for Microsoft Windows 9x and NT. Savant incorporates many features, including CGI scripting. Savant contains a vulnerability that allows unauthorized users to retrieve the source code of CGI scripts using specific requests.

If successfully exploited, unauthorized users can retrieve source code from CGI scripts located in the Web server. Subsequently, they will have less difficulty searching for more vulnerabilities within the CGIs. This can lead to a complete compromise of the host.

There are no solutions available at this time. For the latest information, or to download a new version, check Savant's Web site.