Vulnerability Details CVE-2002-2094
Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root's parent, which generates a 403 error message if the parent is incorrect, but a normal response if the parent is correct.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.005
EPSS Ranking 65.8%
CVSS Severity
CVSS v2 Score 5.0
References
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0228.html
- http://www.iss.net/security_center/static/7930.php
- http://www.securityfocus.com/bid/3908
- http://archives.neohapsis.com/archives/bugtraq/2002-01/0228.html
- http://www.iss.net/security_center/static/7930.php
- http://www.securityfocus.com/bid/3908