CVE-2004-0281

Caucho Technology Resin 2.1.12 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2004-0281. PoCs published by Wang Yun.

AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in Resin on Windows NT/2000 systems. The issue allows an attacker to disclose directory listings by manipulating URI parameters.

Description

Caucho Technology Resin 2.1.12 allows remote attackers to gain sensitive information and view the contents of the /WEB-INF/ directory via an HTTP request for "WEB-INF..", which is equivalent to "WEB-INF" in Windows.

Exploits (1)

exploitdb WRITEUP VERIFIED
by Wang Yun · textremotelinux
https://www.exploit-db.com/exploits/23671

This is a writeup describing a directory traversal vulnerability in Resin on Windows NT/2000 systems. The issue allows an attacker to disclose directory listings by manipulating URI parameters.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Resin 2.1.12 with Apache 1.3.29 on Windows NT/2000
No auth needed
Prerequisites: Resin 2.1.12 running on Windows NT/2000 with Apache 1.3.29
mistral-large-3 · analyzed Feb 16, 2026 Full analysis →

References (3)

Core 3
Core References
Exploit, Third Party Advisory, VDB Entry, Vendor Advisory vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/9617
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/15087
Mailing List, Third Party Advisory mailing-list x_refsource_bugtraq
http://marc.info/?l=bugtraq&m=107635084830547&w=2

Scores

EPSS 0.0420
EPSS Percentile 89.8%

Details

Status published
Products (1)
caucho/resin 2.1.12
Published Nov 23, 2004
Tracked Since Feb 18, 2026