Vulnerability Scanning Solutions, LLC.
Home
Our Process
Residential
Corporate
What We Scan For
Sample Report
Client List
Terms
Contact Us
What We Scan For
Family: Web Servers --> Category: infos

CERN HTTPD access control bypass Vulnerability Scan


Vulnerability Scan Summary
Acertains if web access control can be circumvented

Detailed Explanation for this Vulnerability Test

It is possible to access protected web pages
by changing / with // or /./
This was a bug in old versions of CERN web server

A work around consisted in rejecting patterns like:
//*
*//*
/./*
*/./*

Solution : Upgrade your web server or tighten your filtering rules
Threat Level: High

Click HERE for more information and discussions on this network vulnerability scan.

VSS, LLC.

P.O. Box 827051

Pembroke Pines, FL 33082-7051

Vulnerability Scanning Solutions, LLC.