Exploitation Summary
EIP tracks 1 public exploit for CVE-2000-0660. PoCs published by Rikard Carlsson.
AI-analyzed exploit summary This exploit demonstrates a directory traversal vulnerability in WorldClient 2.1's HTTP interface, allowing remote attackers to retrieve arbitrary files by manipulating the URL path with '..\' sequences. The example provided shows accessing the SAM database file, which contains sensitive system information.
Description
The WDaemon web server for WorldClient 2.1 allows remote attackers to read arbitrary files via a .. (dot dot) attack.
Exploits (1)
This exploit demonstrates a directory traversal vulnerability in WorldClient 2.1's HTTP interface, allowing remote attackers to retrieve arbitrary files by manipulating the URL path with '..\' sequences. The example provided shows accessing the SAM database file, which contains sensitive system information.