CVE-2001-0893

Description

Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.

Affected products

• ACME / mini_httpd1.16

References

• MISChttp://www.iss.net/security_center/static/7541.php
• MAILING_LISThttp://marc.info/?l=bugtraq&m=100568999726036&w=2
• MISChttp://www.acme.com/software/mini_httpd/