Exploitation Summary
EIP tracks 2 public exploits for CVE-2004-1887. PoCs published by Donato Ferrante & Dr_insane, Donato Ferrante.
AI-analyzed exploit summary This is a writeup describing a directory traversal vulnerability in ImgSvr server software, allowing remote users to disclose directory listings inside and outside the server root via crafted URLs.
Description
Ada Image Server (ImgSvr) 0.4 allows remote attackers to view directories or download files via an HTTP request with a trailing %00 (null).
Exploits (2)
This is a writeup describing a directory traversal vulnerability in ImgSvr server software, allowing remote users to disclose directory listings inside and outside the server root via crafted URLs.
The exploit describes a directory traversal vulnerability in ImgSvr server software, allowing arbitrary file retrieval via null byte injection. A separate DoS condition is also noted via a malformed URL path.