CVE-2002-2427 Information

Description

The security handler in GoAhead WebServer before 2.1.1 allows remote attackers to bypass authentication and obtain access to protected web content via \an extra slash in a URL\ a different vulnerability than CVE-2002-1603.

Reference

http://data.goahead.com/Software/Webserver/2.1.8/release.htmsecurity-features-can-be-bypassed-by-adding-an-extra-slash-in-the-url-bug01518 http://data.goahead.com/Software/Webserver/2.1.8/release.htmsecurity-features-can-be-bypassed-by-adding-an-extra-slash-in-the-url-bug01518 http://www.kb.cert.org/vuls/id/124059