Описание
LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2010-2333
- http://osvdb.org/65476
- http://seclists.org/fulldisclosure/2010/Jun/288
- http://secunia.com/advisories/40128
- http://www.exploit-db.com/exploits/13850
- http://www.litespeedtech.com/latest/litespeed-web-server-4.0.15-released.html
- http://www.litespeedtech.com/support/forum/showthread.php?t=4078
- http://www.securityfocus.com/bid/40815
Связанные уязвимости
nvd
больше 15 лет назад
LiteSpeed Technologies LiteSpeed Web Server 4.0.x before 4.0.15 allows remote attackers to read the source code of scripts via an HTTP request with a null byte followed by a .txt file extension.