Kolibri+ Webserver 2 suffers from multiple vulnerabilities namely Directory Traversal & Denial OF Service. Vulnerability was reported on 6th of September 2009 by Xc0re Security Research Group.
http://xc0re.net/index.php?p=1_19_Kolibri+-Webserver-2-multiple-vulnerabilities
An attacker can easily crash the server , or send a crafted http request to escape the root directory and view any file , even outside the root directory.
Thanks for downloading and testing Kolibri Webserver.
Please note that “Kolibri+ is primarily intended for testing, development and demo activities … Kolibri+ is not intended for any serious production use.”
So Kolibri is not secure for the same reason bicycles don’t have airbags 🙂
Thanks,
Fedja S. (senkas.com)