CVE-2004-2518

Gattaca Server 2003 1.1.10.0 - Info Disclosure

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2004-2518. PoCs published by dr_insane.

AI-analyzed exploit summary The exploit describes a path disclosure vulnerability in Gattaca Server 2003, where sending malformed HTTP requests (e.g., with a null byte) causes the server to leak installation paths. No functional PoC code is provided.

Description

Gattaca Server 2003 1.1.10.0 allows remote attackers to obtain sensitive information via (1) a trailing null byte ("%00") to a URL or (2) an invalid LANGUAGE parameter to web.tmpl, which reveals the full installation path in an error message.

Exploits (2)

exploitdb WRITEUP VERIFIED
by dr_insane · textwebappscgi
https://www.exploit-db.com/exploits/24284

The exploit describes a path disclosure vulnerability in Gattaca Server 2003, where sending malformed HTTP requests (e.g., with a null byte) causes the server to leak installation paths. No functional PoC code is provided.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Theoretical
Target: Gattaca Server 2003 version 1.1.10.0
No auth needed
Prerequisites: Network access to the target server
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by dr_insane · textwebappscgi
https://www.exploit-db.com/exploits/24285

The exploit describes a path disclosure vulnerability in Gattaca Server 2003, where crafted HTTP requests can reveal the installation path and web document root. This is an information leak rather than a direct code execution vulnerability.

Classification
Writeup 90%
Attack Type
Info Leak
Complexity
Trivial
Reliability
Reliable
Target: Gattaca Server 2003 version 1.1.10.0
No auth needed
Prerequisites: Network access to the target server
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (9)

Core 9
Core References
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/10729
Exploit, Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/12071
Exploit vdb-entry x_refsource_osvdb
http://www.osvdb.org/7922
Exploit vdb-entry x_refsource_osvdb
http://www.osvdb.org/7923
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16699
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/16700
Exploit vdb-entry x_refsource_sectrack
http://securitytracker.com/id?1010703

Scores

EPSS 0.0445
EPSS Percentile 90.2%

Details

Status published
Products (1)
geeos_team/gattaca_server_2003 1.1.10.0
Published Dec 31, 2004
Tracked Since Feb 18, 2026