Omnicron OmniHTTPd 2.0.4-8 - File Source Disclosure

Author: astral
type: remote
platform: windows
port: 
date_added: 2001-05-26 
date_updated: 2012-08-28 
verified: 1 
codes: CVE-2001-0778;OSVDB-11857 
tags: 
aliases:  
screenshot_url:  
application_url: 

source: https://www.securityfocus.com/bid/2788/info

Submitting a specially crafted GET request for a known file (.php, .pl, or .shtml), could cause OmniHTTPD to disclose the source code of the requested resource. The GET requested would have to be appended with the Unicode equivalent of a space.

Example:

GET /filename.php%20