VULHUB ™

Reportedly, it is possible for attackers to obtain the contents of files by appending a special character to HTTP requests to Abyss Web Server. Appending the character '+' may disclose the contents of files which would normally act as CGI scripts. In particular, this has been reported with '.chl' files used for remote administration of the system.

Reportedly, it is possible for attackers to obtain the contents of files by appending a special character to HTTP requests to Abyss Web Server. Appending the character '+' may disclose the contents of files which would normally act as CGI scripts. In particular, this has been reported with '.chl' files used for remote administration of the system.