Vulnerability Details CVE-2002-1078
Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 73.7%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0043.html
- http://online.securityfocus.com/archive/1/284904
- http://www.iss.net/security_center/static/9721.php
- http://www.securityfocus.com/bid/5345
- http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0043.html
- http://online.securityfocus.com/archive/1/284904
- http://www.iss.net/security_center/static/9721.php
- http://www.securityfocus.com/bid/5345
Products affected by CVE-2002-1078
-
cpe:2.3:a:aprelium_technologies:abyss_web_server:1.0.3