| VID |
22353 |
| Severity |
30 |
| Port |
80, ... |
| Protocol |
TCP |
| Class |
WWW |
| Detailed Description |
The MyServer server is vulnerable to a cross-site scripting and a directory listing vulnerability. MyServer is a freely available Web server for Microsoft Windows and Linux-based platforms. MyServer version 0.8 and possibly other versions are vulnerable to multiple input validation vulnerabilities. A remote attacker could exploit these vulnerabilities to disclose the contents of the directory above the configured Web document root and to execute arbitrary HTML and script code in a user's browser session in context of a vulnerable site.
* Platforms Affected:
MyServer MyServer version 0.8 and possibly other versions
Linux Any version
Microsoft Windows Any version |
| Recommendation |
Upgrade to the latest version of MyServer (0.8.1 or later), available from the MyServer Download page at http://sourceforge.net/project/showfiles.php?group_id=63119 |
| Related URL |
CVE-2005-1658,CVE-2005-1659 (CVE) |
| Related URL |
13578,13579 (SecurityFocus) |
| Related URL |
(ISS) |
|
