CVE-2002-2145 Information

Description

Savant Web Server 3.1 and earlier allows remote attackers to bypass authentication for password protected user folders via a URL with a hex encoded space (20) and a ‘.’ (2e) at the end of the filename.

Reference

http://online.securityfocus.com/archive/1/291791 http://www.iss.net/security_center/static/10104.php http://www.securityfocus.com/bid/5709