2002-02-02 05:00:00
mitre
PUBLISHED
Acme mini_httpd before 1.16 allows remote attackers to view sensitive files under the document root (such as .htpasswd) via a GET request with a trailing /.