CVE-2002-1238 Information

Description

Peter Sandvik’s Simple Web Server 0.5.1 and earlier allows remote attackers to bypass access restrictions for files via an HTTP request with a sequence of multiple / (slash) characters such as http://www.example.com///file/.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q4/0065.html http://marc.info/?l=bugtraq&m=103679016031857&w=2 http://www.idefense.com/advisory/11.08.02a.txt http://www.securityfocus.com/bid/6145 https://exchange.xforce.ibmcloud.com/vulnerabilities/10563