CVE-2000-0176 Information

Description

The default configuration of Serv-U 2.5d and earlier allows remote attackers to determine the real pathname of the server by requesting a URL for a directory or file that does not exist.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-02/0417.html http://www.securityfocus.com/bid/1016