Aldo's Web Server (aweb) 1.5 allows remote attackers to gain sensitive information via an arbitrary character, which reveals the full path and the user running the aweb process, possibly due to a malformed request.
Publication date: Wed, 03 Mar 2004 11:00:00 +0000