CVE-2000-0671 Information

Description

Roxen web server earlier than 2.0.69 allows allows remote attackers to bypass access restrictions list directory contents and read source code by inserting a null character (00) to the URL.

Reference

http://archives.neohapsis.com/archives/bugtraq/2000-07/0307.html http://archives.neohapsis.com/archives/bugtraq/2000-07/0321.html http://www.securityfocus.com/bid/1510 https://exchange.xforce.ibmcloud.com/vulnerabilities/4965 roxen-null-char-url(4965)