Test ID:	1.3.6.1.4.1.25623.1.0.100735
Category:	Web Servers
Title:	Mongoose Web Server <= 2.8 Slash Character Remote File Disclosure Vulnerability
Summary:	Mongoose Web Server is prone to a remote file-disclosure; vulnerability because it fails to properly sanitize user-supplied input.
Description:	Summary: Mongoose Web Server is prone to a remote file-disclosure vulnerability because it fails to properly sanitize user-supplied input. Vulnerability Impact: An attacker can exploit this vulnerability to view the source code of files in the context of the server process, which may aid in further attacks. Affected Software/OS: This issue affects Mongoose Web Server version 2.8. Other versions may be vulnerable as well. Solution: No known solution was made available for at least one year since the disclosure of this vulnerability. Likely none will be provided anymore. General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-4535 http://freetexthost.com/0lcsrgt3vw http://pocoftheday.blogspot.com/2009/10/mongoose-web-server-v280-remote-source_22.html http://secunia.com/advisories/36934
Copyright	Copyright (C) 2010 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.