Jetty Double-Slash Request Arbitrary...

Published: 2002-03-25
Revised: 2025-04-13

Jetty is a freely available, open source HTTP server written in Java. It is maintained and distributed by the Jetty Project. It is available for the Unix, Linux, and Microsoft Windows platforms. Under some circumstances, it may be possible for a remote user to gain access to the source of files in the web root directory. This is due to the improper handling of double-slashes (//) embedded in a URL. An attacker embedding double-slashes into a URL may be able to bypass the security checks placed on visitors, allowing access to a file directly, as long as the path to the file is known.
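The class of flaw described above, as an added illustration that is not Jetty's code: an access check matched against the raw request path misses a path with an embedded double slash, while the same check on a canonicalized path does not. The `/admin/` prefix, the class and method names, and the sample paths are assumptions made for this example, and the path is assumed to be already percent-decoded.

```java
import java.util.ArrayDeque;
import java.util.List;

// Added illustration, not Jetty source.
public class DoubleSlashCheck {
    // Hypothetical protected prefix for this example.
    static final List<String> PROTECTED = List.of("/admin/");

    // Collapse runs of '/' and resolve "." and ".." segments.
    // Returns null if the path tries to climb above the root.
    static String canonicalize(String path) {
        ArrayDeque<String> out = new ArrayDeque<>();
        for (String seg : path.split("/")) {
            if (seg.isEmpty() || seg.equals(".")) continue; // drops the empty segment made by "//"
            if (seg.equals("..")) {
                if (out.isEmpty()) return null;
                out.removeLast();
            } else {
                out.addLast(seg);
            }
        }
        String joined = "/" + String.join("/", out);
        return (path.endsWith("/") && joined.length() > 1) ? joined + "/" : joined;
    }

    // Weak: matches the constraint against the path exactly as received.
    static boolean needsAuthRaw(String path) {
        return PROTECTED.stream().anyMatch(path::startsWith);
    }

    // Hardened: canonicalize first; a path that cannot be canonicalized is treated as protected.
    // The file lookup that follows should use the same canonical path as this check.
    static boolean needsAuthCanonical(String path) {
        String c = canonicalize(path);
        return c == null || PROTECTED.stream().anyMatch(c::startsWith);
    }

    public static void main(String[] args) {
        // Constructed sample paths.
        String[] samples = {"/admin/report.jsp", "//admin/report.jsp",
                            "/admin//report.jsp", "/public/index.html"};
        for (String p : samples) {
            System.out.printf("%-22s raw=%-5b canonical=%b%n",
                    p, needsAuthRaw(p), needsAuthCanonical(p));
        }
    }
}
```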

No exploit or PoC currently available
Currently 0 affected product entries