OmniPro HTTPd 2.08 Scripts Source Full Disclosure Network Vulnerability

Summary

OmniPro HTTPd 2.08 suffers from a security vulnerability that permits malicious users to get the full source code of scripting files. By appending an ASCII/Unicode space char '%20' at the script suffix, the web server will no longer interpret it and rather send it back clearly as a simple document to the user in the same manner as it usually does to process HTML-like files. The flaw does not work with files located in CGI directories (e.g cgibin, cgi-win) Exploit: GET /test.php%20 HTTP/1.0 Vulnerable systems: up to release 2.08

Solution

The vendor is aware of the problem but so far, no patch has been made available. Contact your web server vendor for a possible solution. Until a complete fix is available, you should remove all scripting files from non-executable directories.

Severity

Classification

CVE CVE-2001-0778

CVSS	Base Score: 5.0 AV:N/AC:L/Au:N/C:N/I:P/A:N

Related Vulnerabilities

Apache Archiva Cross Site Request Forgery Vulnerability
Admidio get_file.php Remote File Disclosure Vulnerability
Apache Archiva Home Page Cross-Site Scripting vulnerability
AMSI 'file' Parameter Directory Traversal Vulnerability
Apache Tomcat Information Disclosure Vulnerability

OmniPro HTTPd 2.08 scripts source full disclosure

Take action and discover your vulnerabilities