2005-08-05 04:00:00
mitre
PUBLISHED
Joe Testa hellbent 01 allows remote attackers to determine the full path of the web root directory via a GET request with a relative path that includes the roots parent, which generates a 403 error message if the parent is incorrect, but a normal response if the parent is correct.