// back

File Disclosure Vulnerability in Simple Web Server



As its name suggests, Peter Sandvik's Simple Web Server is a Linux-based web server. More information about it is available at http://www.linuxstuffs.cjb.net.


Restricted files can be remotely accessed because of Simple Web Server's failure to properly handle malformed URL requests for said files. For example, if a standard URL to access a restricted file is http://server.com/secret/file, the altered URL http://server.com///secret/file will bypass any access control on that file, thereby granting unauthorized access to it.


The resulting damage from accessing restricted files on the web server is dependent on the actual file accessed and what kind of information is contained within. Simple Web Server is not a widely distributed web server, according to Netcraft.com. As such, the likelihood of widespread exploitation is unlikely.


Simple Web Server 0.5.1, running on Red Hat Linux 7.3, is vulnerable. The vulnerability does not seem to be platform-specific, since it works on Debian Linux 3.0 as well.


Migrate to other supported web servers, being the software is no longer actively maintained.


Peter Sandvik said he will suspend work on the project for now, being he "doesn't have time to work on it."


The Mitre Corp.'s Common Vulnerabilities and Exposures (CVE) Project assigned the identification number CAN-2002-1238 to this issue.


08/29/2002 Issue disclosed to iDEFENSE
09/25/2002 Maintainer, Peter Sandvik notified
09/25/2002 iDEFENSE clients notified
09/25/2002 Response received from Peter Sandvik (peter.sandvik@home.se)
09/26/2002 Started e-mail discussions regarding status of software support
10/31/2002 Last e-mail received regarding status of software support
11/08/2002 Public disclosure


Tamer Sahin (ts@securityoffice.net) discovered this vulnerability.