minihttp file-sharing for net 1.5 - Directory Traversal
| EKU-ID: 28599 | CVE: OSVDB-2644 | OSVDB-ID: |
| Author: Winter-Smith | Published: 2003-09-15 | Verified:
 |
| Download: | ||
Rating☆☆☆☆☆ |
| EKU-ID: 28599 | CVE: OSVDB-2644 | OSVDB-ID: |
| Author: Winter-Smith | Published: 2003-09-15 | Verified:
|
| Download: | ||
Rating☆☆☆☆☆ |
source: https://www.securityfocus.com/bid/8619/info It has been reported that WebForums and File-Sharing for NET are prone to a remote directory traversal attack due to insufficient sanitization of user-supplied data. This vulnerability could allow a remote attacker to traverse outside the server root directory by using '/../' character sequences. Successful exploitation of this issue could allow a remote attacker to gain access to sensitive information. http://www.example.com/../user.ini