Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Web :: Servers :: litese~1.htm

LiteServe MS-DOS filename show source vulnerability



Vulnerability

    LiteServe

Affected

    Perception LiteServe

Description

    Wizdumb found following.  Perception  LiteServe is a Web, FTP  and
    e-Mail server for Win*. When GET requests are made to  LiteServe's
    webserver  with  the  name  of  the  cgi-bin directory as a MS-DOS
    directory name (eg. cgi-shizznitch=CGI-SH~1 and  cgi-bin=CGI-BIN),
    LiteServe will read the script instead of executing it.

Solution

    The vendor has been informed,  and a fixed version (v1.28)  is now
    available on Perception's website.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH