[] NeoSense
E X P L O I T S
title author type platform port cve id

Apache Cygwin 1.3.x/2.0.x - Directory Traversal

Author: Jeremy Bae
type: remote
platform: windows
port: 
date_added: 2004-02-24 
date_updated: 2012-12-30 
verified: 1 
codes: CVE-2004-0173;OSVDB-4037 
tags: 
aliases:  
screenshot_url:  
application_url: 
source: https://www.securityfocus.com/bid/9733/info

It has been reported that Apache may be prone to a directory traversal vulnerability that may allow a remote attacker to access information outside the server root directory. This issue is only reported to present itself in Apache running on cygwin platforms. A remote attacker may traverse outside the server root directory by using encoded '\..' character sequences.

http://www.example.com/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cboot.ini
http://www.example.com/..%5C..%5C..%5C..%5C..%5C..%5C/boot.ini
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.