CVE-2002-1078 Information

Description

Abyss Web Server 1.0.3 allows remote attackers to list directory contents via an HTTP GET request that ends in a large number of / (slash) characters.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0043.html http://online.securityfocus.com/archive/1/284904 http://www.iss.net/security_center/static/9721.php http://www.securityfocus.com/bid/5345