alt-n WorldClient standard 2.1 - Directory Traversal
| EKU-ID: 25645 | CVE: CVE-2000-0660 ;OSVDB-1459 | OSVDB-ID: |
| Author: Rikard Carlsson | Published: 2000-07-12 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 25645 | CVE: CVE-2000-0660 ;OSVDB-1459 | OSVDB-ID: |
| Author: Rikard Carlsson | Published: 2000-07-12 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/1462/info The HTTP interface for WorldClient 2.1 is vulnerable to a directory traversal. By requesting a URL composed of the filename and ..\ it is possible for a remote user to retrieve and dowload any file of known location. Example: http://email.victim.com/..\..\..\winnt\repair\sam._