CVE-2004-1990 Information

Description

Aldo’s Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character which reveals the full path and the user running the aweb process possibly due to a malformed request.

Reference

http://marc.info/?l=bugtraq&m=108360629031227&w=2 http://secunia.com/advisories/11542 http://www.oliverkarow.de/research/AldosWebserverMultipleVulns.txt http://www.osvdb.org/5880 http://www.securityfocus.com/bid/10262 https://exchange.xforce.ibmcloud.com/vulnerabilities/16047