CVE-2001-0748
acme_server 1.7 - Unauthenticated Arbitrary File Read via URI Path Traversal
Title source: llmExploitation Summary
EIP tracks 1 public exploit for CVE-2001-0748. PoCs published by Adnan Rahman.
AI-analyzed exploit summary This is a writeup describing an information disclosure vulnerability in Acme.Serve 1.7, where the embedded webserver allows unauthenticated remote access to filesystem contents, including sensitive files like '/etc/shadow'.
Description
Acme.Serve 1.7, as used in Cisco Secure ACS Unix and possibly other products, allows remote attackers to read arbitrary files by prepending several / (slash) characters to the URI.
Exploits (1)
This is a writeup describing an information disclosure vulnerability in Acme.Serve 1.7, where the embedded webserver allows unauthenticated remote access to filesystem contents, including sensitive files like '/etc/shadow'.