CVE-2002-1454 Information

Description

MyWebServer 1.0.2 allows remote attackers to determine the absolute path of the web document root via a request for a directory that does not exist which leaks the pathname in an error message.

Reference

http://archives.neohapsis.com/archives/vulnwatch/2002-q3/0077.html http://marc.info/?l=bugtraq&m=102935720109934&w=2 http://www.iss.net/security_center/static/9862.php http://www.securityfocus.com/bid/5471