Perception LiteServe Script Source Code Disclosure Vulnerability
by platon on June 28th, 2001 Perception LiteServe is a commercial e-mail, web, and FTP server for Microsoft Windows...
Perception LiteServe's webserver is subject to a vulnerability which will display the source code for arbitrary CGI scripts to remote attackers. This is accomplished by crafting a URL containing a path to the targeted CGI script using the MS-DOS naming convention for 'cgi-bin' or other directories on the webserver which store scripts.
The displayed script source code may disclose sensitive information, which can be used to mount further attacks against the host.
This vulnerability can be exploited with a web browser.
[Homepage]