Note:
This project will be discontinued after December 13, 2021. [more]
2002-12-31
Directory traversal vulnerability in MyServer 0.11 and 0.2 allows remote attackers to read arbitrary files via a ".." (dot dot) in an HTTP GET request.
Products | Myserver |
Type | Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') (CWE-22) |
First patch | - None (likely due to unavailable code) |
Links |
• http://www.securityfocus.com/bid/6359
• http://archives.neohapsis.com/archives/bugtraq/2002-12/0092.html • https://exchange.xforce.ibmcloud.com/vulnerabilities/10827 |