Directory Traversing Vulnerability in 'myServer' Web Server
12 Dec. 2002
Summary
myServer is a free and easy to configure web server. A vulnerability in the product allows remote attackers to view and access files and directories that reside outside the bounding HTML root directory.
Credit:
The information has been provided by dong-h0un U.
Contents of folder ../../myServerEXEC-0.2/
_________________________________________________________________
File Last modify Size
[1]cgi-lib 0/11/102-12:4:16 System time
[2]control.exe 3/11/102-10:48:28 System time 258048 bytes
[3]CVS 0/11/102-12:4:18 System time
[4]languages 0/11/102-12:4:18 System time
[5]libhoard.dll 3/9/102-6:0:0 System time 32843 bytes
[6]logs 0/11/102-12:4:18 System time
[7]MIMEtypes.txt 0/11/102-3:50:42 System time 276 bytes
[8]myserver.exe 3/11/102-10:49:2 System time 200704 bytes
[9]myserver.xml 0/11/102-1:11:46 System time 2238 bytes
[10]readme.txt 0/11/102-9:59:6 System time 1836 bytes
[11]REGISTER SERVICE.bat 3/9/102-6:0:0 System time 20 bytes
[12]START CONSOLE.bat 3/9/102-6:0:0 System time 20 bytes
[13]START SERVICE.bat 3/9/102-6:0:0 System time 17 bytes
[14]STOP SERVICE.bat 3/9/102-6:0:0 System time 16 bytes
[15]system 0/11/102-12:4:18 System time
[16]UNREGISTER SERVICE.bat 3/9/102-6:0:0 System time 22 bytes
[17]web 0/11/102-12:4:18 System time
