CVE-2002-2094 Information

Description

Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the root’s parent which generates a 403 error message if the parent is incorrect but a normal response if the parent is correct.

Reference

http://archives.neohapsis.com/archives/bugtraq/2002-01/0228.html http://www.iss.net/security_center/static/7930.php http://www.securityfocus.com/bid/3908