Niti Telecom Caravan Business Server 2.00-03D Remote Directory Traversal Vulnerability

2004-02-02T00:00:00
ID EDB-ID:23635
Type exploitdb
Reporter dr_insane
Modified 2004-02-02T00:00:00

Description

Niti Telecom Caravan Business Server 2.00-03D Remote Directory Traversal Vulnerability. CVE-2004-2170. Webapps exploit for asp platform

                                        
                                            source: http://www.securityfocus.com/bid/9555/info

The showcode.asp script activated in Sample_showcode.html may be vulnerable to a directory traversal issue. A remote attacker may view any files readable by the web server using '../' escape sequences in URI requests. 

http://www.example.org/sample_script_directory/Sample_showcode.html?fname=/../../../../target