CVE-2001-0788

Air Messenger LAN Server <3.4.2 - Info Disclosure

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2001-0788. PoCs published by SNS Research.

AI-analyzed exploit summary This exploit describes an information leakage vulnerability in Air Messenger LAN Server where the path to sensitive files is exposed via the HTTP 'Location' header. The provided example demonstrates how a remote user can retrieve the path by examining the header.

Description

Internet Software Solutions Air Messenger LAN Server (AMLServer) 3.4.2 allows remote attackers to obtain an absolute path for the server directory by viewing the Location header.

Exploits (1)

exploitdb WRITEUP VERIFIED

by SNS Research · textremotewindows

https://www.exploit-db.com/exploits/20934

View Code ZIP pw:eip

This exploit describes an information leakage vulnerability in Air Messenger LAN Server where the path to sensitive files is exposed via the HTTP 'Location' header. The provided example demonstrates how a remote user can retrieve the path by examining the header.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Reliable

Target: Air Messenger LAN Server

No auth needed

Prerequisites: Network access to the target server

MITRE ATT&CK

T1592 - Gather Victim Host Information

devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (2)

Core 2

Core References

Exploit, Vendor Advisory vdb-entry x_refsource_bid

http://www.securityfocus.com/bid/2881

Vendor Advisory mailing-list x_refsource_bugtraq

http://archives.neohapsis.com/archives/bugtraq/2001-06/0228.html

Scores

EPSS 0.0602

EPSS Percentile 92.4%

Details

Status published

Products (1)

internet_software_solutions/air_messenger_lan_server 3.4.2

Published Oct 18, 2001

Tracked Since Feb 18, 2026