HTTP File Server Security Bypass And Denial Of Service Vulnerabilities Network Vulnerability

Summary

HTTP File Server is prone to multiple vulnerabilities including a security- bypass issue and a denial-of-service issue. Exploiting these issues will allow an attacker to download files from restricted directories within the context of the application or cause denial-of-service conditions.

Solution

Reportedly the vendor has fixed the issue. Please see the references for more information.

References

http://aluigi.altervista.org/adv/hfsref-adv.txt
http://www.rejetto.com/hfs/?f=intro
http://www.securityfocus.com/bid/39544

Updated on 2015-03-25

Severity

Classification

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:N/A:P

Related Vulnerabilities

Lil' HTTP Server Cross Site Scripting Vulnerability
CommuniGate Pro Web Mail URI Parsing HTML Injection Vulnerability
IBM WebSphere Application Server WS-Security XML Encryption Weakness Vulnerability
jHTTPd Directory Traversal Vulnerability
JBoss Enterprise Application Platform Multiple Vulnerabilities

HTTP File Server Security Bypass and Denial of Service Vulnerabilities

Take action and discover your vulnerabilities