Preface: HTTP URL contains %00Logo -Internet Security Systems

HTTP URL contains %00
advICE :Intrusions : 2000628
 FAQ
Oh my gosh, I'm being HACKED!!!
How do I report the hacker to my ISP?
I'm seeing lots of attacks, is this normal?
Summary

A URL contains a hex encoding of %00.

Details

In the C programming language, a string is usually terminated with a '\0'. If a URL is encoded with the symbol %00, some Web servers may be fooled into mis-interpreting the URL, which may allow access to restricted information.

 more information
BugtraqID: 977   Zeus Web Server Null Terminated Strings Vulnerability
Appending "%00" to the end of a CGI script filename may permit a remote client to view full contents of the script.  
CVE-2000-0149   Zeus null
 

 parametric information
URL The URL being accessed.

 
Version appeared: 2.1
Privacy Policy |  Copyright Info